Vulnerabilities > CVE-2017-6972 - Improper Check for Dropped Privileges vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
alienvault
nfsen
CWE-273
critical
exploit available
NVD
Published: 2017-03-22
Updated: 2019-10-03

Summary

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.

Vulnerable Configurations

Part Description Count
Application
Alienvault
6
Application
Nfsen
3

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionNfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection. CVE-2017-6972,CVE-2017-7175. Webapps exploit for Linux platform
fileexploits/linux/webapps/42314.txt
idEDB-ID:42314
last seen2017-07-11
modified2017-07-11
platformlinux
port
published2017-07-11
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/42314/
titleNfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection
typewebapps

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/143325/nfsenalienvaultcustomfnt-exec.txt
idPACKETSTORM:143325
last seen2017-07-12
published2017-07-11
reporterPaul Taylor
sourcehttps://packetstormsecurity.com/files/143325/NfSen-1.3.7-AlienVault-OSSIM-4.3.1-customfnt-Command-Injection.html
titleNfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection

References