Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.NOSTROMO_NHTTPD_1_9_7.NASL
HistoryOct 30, 2020 - 12:00 a.m.

Nostromo < 1.9.7 Remote Code Execution

2020-10-3000:00:00
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
84
JSON

According to its Server response header, the installed version of Nostromo is prior to 1.9.7. It is, therefore, affected by remote code execution vulnerability.

##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(142137);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/02/08");

  script_cve_id("CVE-2019-16278");
  script_xref(name:"IAVA", value:"2020-A-0498");

  script_name(english:"Nostromo < 1.9.7 Remote Code Execution ");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server is affected by a remote code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to its Server response header, the installed version of
Nostromo is prior to 1.9.7. It is, therefore, affected by remote code execution
 vulnerability.");
  # https://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aff750ca");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Nostromo version 1.9.7 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16278");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Nostromo Web Server RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Nostromo Directory Traversal Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/10/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/30");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:nazgul:nostromo_nhttpd");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("nostromo_nhttpd_detect.nbin");
  script_require_keys("installed_sw/nostromo");

  exit(0);
}

include('http.inc');
include('vcf.inc');

appname = 'nostromo';
port = get_http_port(default:80);
get_install_count(app_name:appname, exit_if_zero:TRUE);

app_info = vcf::get_app_info(app:appname, port: port, service:TRUE);
vcf::check_granularity(app_info:app_info, sig_segments:3);

constraints = [
  {'fixed_version' : '1.9.7'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
nazgulnostromo_nhttpdcpe:/a:nazgul:nostromo_nhttpd

Related

githubexploit 10
prion 1
checkpoint_advisories 1
attackerkb 1
nuclei 1
packetstorm 2
exploitpack 1
zdt 2
dsquare 1
metasploit 1
cve 1
exploitdb 2
ics 1
githubexploit
githubexploit
Exploit for Path Traversal in Nazgul Nostromo Nhttpd
2019-10-23 22:24:18
Exploit for Path Traversal in Nazgul Nostromo Nhttpd
2019-12-31 16:06:13
Exploit for Path Traversal in Nazgul Nostromo Nhttpd
2021-07-19 00:45:07
prion
prion
Directory traversal
2019-10-14 17:15:00
checkpoint_advisories
checkpoint_advisories
Nostromo Web Server Directory Traversal (CVE-2019-16278)
2019-12-03 00:00:00
attackerkb
attackerkb
CVE-2019-16278
2019-10-14 00:00:00
nuclei
nuclei
nostromo 1.9.6 - Remote Code Execution
2020-09-01 15:59:30
packetstorm
packetstorm
Nostromo 1.9.6 Directory Traversal / Remote Command Execution
2019-10-31 00:00:00
nostromo 1.9.6 Remote Code Execution
2019-12-31 00:00:00
exploitpack
exploitpack
nostromo 1.9.6 - Remote Code Execution
2020-01-01 00:00:00
zdt
zdt
Nostromo 1.9.6 Directory Traversal / Remote Command Execution Exploit
2019-10-31 00:00:00
nostromo 1.9.6 - Remote Code Execution Exploit
2020-01-01 00:00:00
dsquare
dsquare
Nostromo Web Server RCE
2019-11-20 00:00:00
metasploit
metasploit
Nostromo Directory Traversal Remote Command Execution
2019-10-21 16:11:44
cve
cve
CVE-2019-16278
2019-10-14 17:15:00
exploitdb
exploitdb
nostromo 1.9.6 - Remote Code Execution
2020-01-01 00:00:00
Nostromo - Directory Traversal Remote Command Execution (Metasploit)
2019-11-01 00:00:00
ics
ics
Potential for China Cyber Response to Heightened U.S.–China Tensions
2020-10-20 12:00:00
JSON
Related for NOSTROMO_NHTTPD_1_9_7.NASL
githubexploit10prion1checkpoint_advisories1attackerkb1nuclei1packetstorm2exploitpack1zdt2dsquare1metasploit1cve1exploitdb2ics1