43 matches found
NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.6 Local Root
Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.4 Command Injection
Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Local Privilege Escalation
Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
NfSen < 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection
Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...
NfSen <= 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection Vulnerability
Exploit for linux platform in category remote exploits Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Vendor Homepage:...
CVE-2017-6972
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...
Code injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...
CVE-2017-6972
CVE-2017-6972 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8, exposing a privilege-dropping bug that causes NfSen Perl components to run as root. Public exploit references (exploit-db entries 42314, 42305/42306) describe remote command execution and potential root access when ex...
CVE-2017-6970
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...
CVE-2017-6971
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...
Code injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...
CVE-2017-6970
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...
Code injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...
CVE-2017-6971
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...
CVE-2017-6970
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...
CVE-2017-6970
CVE-2017-6970 describes a local privilege escalation affecting NfSen 1.3.7 and AlienVault USM/OSSIM before 5.3.7/5.3.6. The issue arises from an OS command injection via the NfSen IPC UNIX domain socket , exploited by a web user (www-data) to execute crafted commands in the Perl components, ultim...
CVE-2017-6971
CVE-2017-6971 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8. A remote authenticated attacker can trigger arbitrary commands (or a reverse shell) through crafted requests manipulating NfSen’s PHP code (notably nfsen.php) and the PHP session ID, achieving root-level execution on ...
FreeBSD : nfsen -- remote command execution (6e83b2f3-e4e3-11e6-9ac1-a4badb2f4699)
Peter Haag reports : A remote attacker with access to the web interface to execute arbitrary commands on the host operating system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyrigh...
FreeBSD Ports: nfsen
The remote host is missing an update to the system as announced in the referenced advisory. VID 70372cda-6771-11de-883a-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 70372cda-6771-11de-883a-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...