vendredi 3 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 15 mai 2019

Xstream API up to 1.4.10 Security Framework XML Data Shell privilege escalation

A vulnerability has been found in Xstream API up to 1.4.10 and classified as critical. This vulnerability affects a functionality of the component Security Framework. The manipulation as part of a XML Data leads to a privilege escalation vulnerability (Shell). The CWE definition for the vulnerability is CWE-269. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was presented 05/15/2019 as mailinglist post (oss-sec). The advisory is available at seclists.org. This vulnerability was named CVE-2013-7285 since 01/09/2014. The attack can be initiated remotely. Technical details are unknown but a public exploit is available.

It is declared as proof-of-concept. It is possible to download the exploit at exploit-db.com. The vulnerability scanner Nessus provides a plugin with the ID 95738 (GLSA-201612-35 : XStream: Remote execution of arbitrary code), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Gentoo Local Security Checks and running in the context local.

Upgrading eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (95738).

Product

Vendor

Name

CPE 2.3

CPE 2.2

CVSSv3

VulDB Meta Base Score: 6.3
VulDB Meta Temp Score: 6.0

VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔒
VulDB Reliability: 🔍

CVSSv2

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍

Exploiting

Class: Privilege escalation / Shell (CWE-269)
Local: No
Remote: Yes

Availability: 🔒
Access: Public
Status: Proof-of-Concept
Download: 🔒

Price Prediction: 🔍
Current Price Estimation: 🔒

Nessus ID: 95738
Nessus Name: GLSA-201612-35 : XStream: Remote execution of arbitrary code
Nessus File: 🔒
Nessus Risk: 🔒
Nessus Family: 🔒
Nessus Context: 🔒

OpenVAS ID: 103353
OpenVAS Name: Artifactory XStream Remote Code Execution Vulnerability
OpenVAS File: 🔒
OpenVAS Family: 🔒

Exploit-DB: 🔒

Threat Intelligence

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍

Countermeasures

Recommended: Upgrade
Status: 🔍
0-Day Time: 🔒

Timeline

01/09/2014 CVE assigned
12/13/2016 Countermeasure disclosed
12/13/2016 Nessus plugin released
05/15/2019 Advisory disclosed
05/16/2019 VulDB entry created
05/16/2019 VulDB last update

Sources

Advisory: seclists.org
Confirmation: 🔒

CVE: CVE-2013-7285 (🔒)

Entry

Created: 05/16/2019 06:52 AM
Complete: 🔍

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 146

x

Événements SSI