jetlib.sec » SecuriTeam » eEye Retina Audit Script Execution of Arbitrary Code

Feeds

133326 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

SecuriTeam

• January 05, 2012
• 

  eEye Retina Audit Script Execution of Arbitrary Code

  Posted: January 5th, 2012, 5:29pm PST

  Tags:  vulnerability retina audit gauntlet-firewall shell-scripts remote-shell  

  eEye Retina audit scripts have the capability to run remote shell scripts in order to determine vulnerable applications. One audit script in particular (audit ID 2499) uses find(1) and execute (-exec) when assessing a vulnerability within Gauntlet Firewall. An attacker who can write an executable file in the portion of the file system searched with the find command may be able to exploit this vulnerability to execute arbitrary code with the same privileges provided to Retina to perform a vulnerability scan.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!