source: http://www.securityfocus.com/bid/2859/info

A remote user could utilize the administrator functions of Interscan Viruswall without providing authentication credentials. This may allow the user to make configuration changes when submitting specially crafted URLs to the host. 

http://VirusWall/interscan/cgi-bin/interscan.dll
源链接

Hacking more

...