Lucene search
K

43 matches found

Packet Storm
Packet Storm
added 2017/07/10 12:0 a.m.62 views

NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.6 Local Root

Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...

4.6CVSS0.1AI score0.01678EPSS
Exploits4
0day.today
0day.today
added 2017/07/10 12:0 a.m.117 views

NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...

4.6CVSS8.2AI score0.01678EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/07/10 12:0 a.m.63 views

NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.4 Command Injection

Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...

9CVSS0.1AI score0.16179EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/07/10 12:0 a.m.59 views

NfSen &lt; 1.3.7 / AlienVault OSSIM &lt; 5.3.6 - Local Privilege Escalation

Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...

8.4CVSS9.1AI score0.01678EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/07/10 12:0 a.m.81 views

NfSen &lt; 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection

Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...

9CVSS8.7AI score0.16179EPSS
Exploits5
0day.today
0day.today
added 2017/07/10 12:0 a.m.72 views

NfSen <= 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection Vulnerability

Exploit for linux platform in category remote exploits Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Vendor Homepage:...

9CVSS8.6AI score0.16179EPSS
Exploits5
OSV
OSV
added 2017/03/22 8:59 p.m.3 views

CVE-2017-6972

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...

9.8CVSS5.9AI score0.14603EPSS
Exploits3References4
Prion
Prion
added 2017/03/22 8:59 p.m.22 views

Code injection

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...

10CVSS8.6AI score0.16179EPSS
Exploits12References4Affected Software3
CVE
CVE
added 2017/03/22 8:0 p.m.92 views

CVE-2017-6972

CVE-2017-6972 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8, exposing a privilege-dropping bug that causes NfSen Perl components to run as root. Public exploit references (exploit-db entries 42314, 42305/42306) describe remote command execution and potential root access when ex...

10CVSS8.6AI score0.14603EPSS
Exploits3References4Affected Software2
NVD
NVD
added 2017/03/22 2:59 p.m.22 views

CVE-2017-6970

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...

8.4CVSS9.2AI score0.01678EPSS
Exploits4References4
OSV
OSV
added 2017/03/22 2:59 p.m.2 views

CVE-2017-6971

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...

8.8CVSS6AI score0.16179EPSS
Exploits5References4
Prion
Prion
added 2017/03/22 2:59 p.m.18 views

Code injection

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...

9CVSS8.9AI score0.16179EPSS
Exploits5References4Affected Software3
OSV
OSV
added 2017/03/22 2:59 p.m.3 views

CVE-2017-6970

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...

8.4CVSS6AI score0.01678EPSS
Exploits4References4
Prion
Prion
added 2017/03/22 2:59 p.m.13 views

Code injection

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...

4.6CVSS8.8AI score0.01678EPSS
Exploits4References4Affected Software3
NVD
NVD
added 2017/03/22 2:59 p.m.22 views

CVE-2017-6971

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...

9CVSS9.2AI score0.16179EPSS
Exploits5References4
Cvelist
Cvelist
added 2017/03/22 2:0 p.m.25 views

CVE-2017-6970

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...

8.4AI score0.01678EPSS
Exploits4References4
CVE
CVE
added 2017/03/22 2:0 p.m.89 views

CVE-2017-6970

CVE-2017-6970 describes a local privilege escalation affecting NfSen 1.3.7 and AlienVault USM/OSSIM before 5.3.7/5.3.6. The issue arises from an OS command injection via the NfSen IPC UNIX domain socket , exploited by a web user (www-data) to execute crafted commands in the Perl components, ultim...

8.4CVSS8.2AI score0.01678EPSS
Exploits4References4Affected Software2
CVE
CVE
added 2017/03/22 2:0 p.m.76 views

CVE-2017-6971

CVE-2017-6971 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8. A remote authenticated attacker can trigger arbitrary commands (or a reverse shell) through crafted requests manipulating NfSen’s PHP code (notably nfsen.php) and the PHP session ID, achieving root-level execution on ...

9CVSS8.6AI score0.16179EPSS
Exploits5References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/01/30 12:0 a.m.10 views

FreeBSD : nfsen -- remote command execution (6e83b2f3-e4e3-11e6-9ac1-a4badb2f4699)

Peter Haag reports : A remote attacker with access to the web interface to execute arbitrary commands on the host operating system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyrigh...

5.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/07/06 12:0 a.m.10 views

FreeBSD Ports: nfsen

The remote host is missing an update to the system as announced in the referenced advisory. VID 70372cda-6771-11de-883a-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 70372cda-6771-11de-883a-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

7.4AI score
Exploits0
Rows per page
Query Builder