Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Infoblox 6.8.2.11 - OS Command Injection

🗓️ 11 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 47 Views

Infoblox Network Automation, OS Command Injection CVE-2014-3418, high ris

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Infoblox 6.8.2.11 - OS Command Injection / Weak MySQL Password Vulnerability
10 Jul 201400:00
zdt
CVE		CVE-2014-3418
15 Jul 201414:00
cve
Cvelist		CVE-2014-3418
15 Jul 201414:00
cvelist
Exploit DB		Infoblox 6.8.2.11 - OS Command Injection
10 Jul 201400:00
exploitdb
exploitpack		Infoblox 6.8.2.11 - OS Command Injection
10 Jul 201400:00
exploitpack
NVD		CVE-2014-3418
15 Jul 201414:55
nvd
OpenVAS		Infoblox NetMRI < 6.8.5 OS Command Injection Vulnerability - Active Check
15 Jul 201400:00
openvas
Packet Storm		Infoblox 6.8.4.x OS Command Injection
9 Jul 201400:00
packetstorm
Prion		Design/Logic Flaw
15 Jul 201414:55
prion
securityvulns		OS Command Injection Infoblox Network Automation
16 Oct 201400:00
securityvulns
Rows per page

                                                Product: Network Automation, licensed as:
•         NetMRI
•         Switch Port Manager
•         Automation Change Manager
•         Security Device Controller

Vendor: Infoblox
Vulnerable Version(s): 6.4.X.X-6.8.4.X
Tested Version: 6.8.2.11

Vendor Notification: May 12th, 2014 
Vendor Patch Availability to Customers: May 16th, 2014
Public Disclosure: July 9th, 2014 

Vulnerability Type: OS Command Injection [CWE-78]
CVE Reference: CVE-2014-3418
Risk Level: High 
CVSSv2 Base Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Solution Status: Solution Available

Discovered and Provided: Nate Kettlewell, Depth Security ( https://www.depthsecurity.com/ )

------------------------------------------------------------------------
-----------------------

Advisory Details:

Depth Security discovered a vulnerability in the Infoblox Network Automation management web interface. This attack does not require authentication of any kind.

1) OS Command Injection in Infoblox Network Automation Products: CVE-2014-3418

The vulnerability exists due to insufficient sanitization of user-supplied data in in skipjackUsername POST parameter. A remote attacker can inject operating system commands as the root user, and completely compromise the operating system.

The following is the relevant portion of the multipart/form-data POST request to netmri/config/userAdmin/login.tdf

Content-Disposition: form-data; name=&quot;skipjackUsername&quot;

admin`ping -n 20 127.0.0.1`

------------------------------------------------------------------------
-----------------------

Solution:

Infoblox immediately released a hotfix to remediate this vulnerability on existing installations (v6.X-NETMRI-20710.gpg). 
The flaw was corrected in the 6.8.5 release (created expressly for dealing with this issue), and that release has been put into manufacturing for new appliances.

------------------------------------------------------------------------
-----------------------

Proof of Concept:

In addition to manual exploitation via the above mentioned vector, proof of concept is provided in the form of a module for the metasploit framework.

https://github.com/depthsecurity/NetMRI-2014-3418
------------------------------------------------------------------------
-----------------------

References:

[1] Depth Security Advisory - http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html  - OS Command Injection in NetMRI.
[2] NetMRI - http://www.infoblox.com/products/network-automation/netmri - NetMRI is an Enterprise Network Management Appliance.
[3] Common Weakness Enumeration (CWE) - http://cwe.mitre.org/ - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
[4] NetMRI Metasploit Module - https://github.com/depthsecurity/NetMRI-2014-3418

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Jul 2014 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.21106
infoblox network automationos command injectioncve-2014-3418depth securitynetmriswitch port managerautomation change managersecurity device controllervulnerabilityhotfixmetasploit.
47