6 matches found
DISA Security Readiness Review Scripts Detection
The remote host has a copy of the DISA Security Readiness Review SRR Scripts present. TRUSTED...
DISA Security Readiness Review Scripts for Solaris Local Privilege Escalation
The remote host has a copy of the DISA Security Readiness Review SRR Scripts for Solaris that is affected by a local privilege escalation vulnerability. The vulnerability could be leveraged to execute files in arbitrary directories with root privileges, as long as such files are named 'java',...
U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) privilege escalation
Application executes all executables with predefined names found in system...
DISA UNIX SRR scripts execute untrusted programs as root
Overview The Defense Information Systems Agency DISA UNIX Security Readiness Review SRR scripts find1 and execute -exec various programs to obtain version information. The SRR scripts are designed to be run as root. An attacker who can write a file under the root file system may be able to exploi...
Code injection
The U.S. Defense Information Systems Agency DISA Security Readiness Review SRR script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to 1 java, 2 openssl, 3 php, 4 snort, 5 tshark, 6 vncserver, or 7 wireshark, which allows local users to gain...
CVE-2009-4211
The U.S. Defense Information Systems Agency DISA Security Readiness Review SRR script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to 1 java, 2 openssl, 3 php, 4 snort, 5 tshark, 6 vncserver, or 7 wireshark, which allows local users to gain...