Vulnerabilities > CVE-2015-8368 - 7PK - Security Features vulnerability in Ntop Ntopng
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | ntop-ng <= 2.0.151021 - Privilege Escalation. CVE-2015-8368. Webapps exploits for multiple platform |
file | exploits/multiple/webapps/38836.txt |
id | EDB-ID:38836 |
last seen | 2016-02-04 |
modified | 2015-12-01 |
platform | multiple |
port | |
published | 2015-12-01 |
reporter | Dolev Farhi |
source | https://www.exploit-db.com/download/38836/ |
title | ntop-ng <= 2.0.151021 - Privilege Escalation |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/134593/ntopng20151021-escalate.txt |
id | PACKETSTORM:134593 |
last seen | 2016-12-05 |
published | 2015-12-02 |
reporter | Dolev Farhi |
source | https://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html |
title | ntop-ng 2.0.15102 Privilege Escalation |