Lucene search
PRIOn knowledge basePRION:CVE-2016-6598HistoryJan 30, 2018 - 8:29 p.m.
Design/Logic Flaw
2018-01-3020:29:00
PRIOn knowledge base
www.prio-n.com
4
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web root and achieve code execution as NETWORK SERVICE or SYSTEM.
| CPE | Name | Operator | Version |
|---|---|---|---|
| track-it\\! | le | 11.4 | |
| track-it\\! | eq | 11.4 hf1 | |
| track-it\\! | eq | 11.4 hf2 |
References
packetstormsecurity.com/files/146110/BMC-Track-It-11.4-Code-Execution-Information-Disclosure.html
seclists.org/fulldisclosure/2018/Jan/92
communities.bmc.com/community/bmcdn/bmc_track-it/blog/2016/01/04/track-it-security-advisory-24-dec-2015
github.com/pedrib/PoC/blob/master/advisories/bmc-track-it-11.4.txt
Related
nvd
nvd
CVE-2016-6598
2018-01-30 20:29:00
cvelist
cvelist
CVE-2016-6598
2018-01-30 20:00:00
cve
cve
CVE-2016-6598
2018-01-30 20:29:00
exploitpack
exploitpack
BMC Track-It! 11.4 - Multiple Vulnerabilities
2015-09-28 00:00:00
packetstorm
packetstorm
BMC Track-It! 11.4 Code Execution / Information Disclosure
2018-01-26 00:00:00
exploitdb
exploitdb
BMC Track-It! 11.4 - Multiple Vulnerabilities
2015-09-28 00:00:00
openvas
openvas
BMC Track-It! < 11.4 Hotfix 3 (11.4.0.440) Multiple Vulnerabilities
2016-07-19 00:00:00