CVE-2011-3337

eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/...

CVE-2011-3337

CVE-2011-3337 affects eEye Retina Network Security Scanner (HP-UX, IRIX, Solaris). An audit script (Audit ID 2499) can execute arbitrary code via a Trojan gauntlet placed under /usr/local, enabling local privilege escalation to the same privileges as the Retina scanner. The issue stems from the a...

eEye Retina Audit ID 2499权限提升漏洞

CVE ID: CVE-2011-3337 eEye Retina Network Security Scanner可针对目标系统执行多种审查，进行安全漏洞评估测试。 eEye Retina在实现上存在安全漏洞，可被恶意本地用户利用获取提升的权限。 此漏洞源于Audit ID 2499 "Gauntlet Firewall For UNIX Buffer Overflow"在"/usr/local"文件夹中执行特定文件，可通过在 "/usr/local"文件夹中放置恶意文件执行任意代码。 eEye Retina Network Security Scanner 5.x 厂商补丁： eEy...