7 matches found
NfSen 1.3.7 AlienVault OSSIM 5.3.6 - Local Privilege Escalation
NfSen 1.3.7 AlienVault OSSIM 5.3.6 - Local Privilege Escalation Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...
CVE-2017-6970
creationtimestamp| type| source ---|---|--- 2017-07-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42305...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Local Privilege Escalation
Exploit Title: Local root exploit affecting NfSen = 1.3.7, AlienVault USM/OSSIM = 5.3.6 Version: NfSen 1.3.7 Version: AlienVault 5.3.6 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage: http://www.alienvault.com/ Software Link:...
Code injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...
CVE-2017-6970
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...
CVE-2017-6970
CVE-2017-6970 describes a local privilege escalation affecting NfSen 1.3.7 and AlienVault USM/OSSIM before 5.3.7/5.3.6. The issue arises from an OS command injection via the NfSen IPC UNIX domain socket , exploited by a web user (www-data) to execute crafted commands in the Perl components, ultim...