Vulnerabilities > CVE-2017-6972 - Improper Check for Dropped Privileges vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 | |
Application | 3 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | NfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection. CVE-2017-6972,CVE-2017-7175. Webapps exploit for Linux platform |
file | exploits/linux/webapps/42314.txt |
id | EDB-ID:42314 |
last seen | 2017-07-11 |
modified | 2017-07-11 |
platform | linux |
port | |
published | 2017-07-11 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/42314/ |
title | NfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/143325/nfsenalienvaultcustomfnt-exec.txt |
id | PACKETSTORM:143325 |
last seen | 2017-07-12 |
published | 2017-07-11 |
reporter | Paul Taylor |
source | https://packetstormsecurity.com/files/143325/NfSen-1.3.7-AlienVault-OSSIM-4.3.1-customfnt-Command-Injection.html |
title | NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection |
References
- http://www.securityfocus.com/bid/97016
- http://www.securityfocus.com/bid/97016
- https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/
- https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/
- https://www.alienvault.com/forums/discussion/8698
- https://www.alienvault.com/forums/discussion/8698
- https://www.exploit-db.com/exploits/42314/
- https://www.exploit-db.com/exploits/42314/