Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.MOBATEK_MOBAXTERM_CVE-2017-6805.NASL
HistoryMar 15, 2024 - 12:00 a.m.

Mobatek MobaXterm = 9.4 (CVE-2017-6805)

2024-03-1500:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
mobatek mobaxterm
version 9.4
vulnerability
directory traversal
tftp server

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.8%

JSON

The version of Mobatek MobaXterm installed on the remote host is 9.4. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-6805 advisory.

  • Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a … (dot dot) in a GET command. (CVE-2017-6805)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(192158);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/15");

  script_cve_id("CVE-2017-6805");

  script_name(english:"Mobatek MobaXterm = 9.4 (CVE-2017-6805)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of Mobatek MobaXterm installed on the remote host is 9.4. It is, therefore, affected by a
vulnerability as referenced in the CVE-2017-6805 advisory.

  - Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote
    attackers to read arbitrary files via a .. (dot dot) in a GET command. (CVE-2017-6805)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://www.cvedetails.com/vulnerability-list/vendor_id-15701/product_id-32575/Mobatek-Mobaxterm.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f7905d11");
  script_set_attribute(attribute:"see_also", value:"https://www.cvedetails.com/cve/CVE-2017-6805");
  script_set_attribute(attribute:"solution", value:
"Upgrade Mobatek MobaXterm based upon the guidance specified in the linked advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-6805");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/03/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mobatek:mobaxterm");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mobatek_mobaxterm_win_installed.nbin");
  script_require_keys("installed_sw/Mobatek MobaXterm");

  exit(0);
}

include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');

var app_info = vcf::get_app_info(app:'Mobatek MobaXterm', win_local:TRUE);

var constraints = [
  { 'equal' : '9.4', 'fixed_display' : 'See vendor advisory' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_WARNING
);
VendorProductVersionCPE
mobatekmobaxtermcpe:/a:mobatek:mobaxterm

Related

zdt 1
cvelist 1
prion 1
cve 1
exploitpack 1
nvd 1
packetstorm 1
exploitdb 1
zdt
zdt
MobaXterm Personal Edition 9.4 - Directory Traversal Vulnerability
2017-03-11 00:00:00
cvelist
cvelist
CVE-2017-6805
2017-03-20 16:00:00
prion
prion
Directory traversal
2017-03-20 16:59:00
cve
cve
CVE-2017-6805
2017-03-20 16:59:02
exploitpack
exploitpack
MobaXterm Personal Edition 9.4 - Directory Traversal
2017-03-11 00:00:00
nvd
nvd
CVE-2017-6805
2017-03-20 16:59:02
packetstorm
packetstorm
MobaXterm Personal Edition 9.4 Path Traversal
2017-03-12 00:00:00
exploitdb
exploitdb
MobaXterm Personal Edition 9.4 - Directory Traversal
2017-03-11 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.8%

JSON
Related for MOBATEK_MOBAXTERM_CVE-2017-6805.NASL
zdt1cvelist1prion1cve1exploitpack1nvd1packetstorm1exploitdb1