Local Privilege Escalation in InterScan Web Security Virtual Appliance 5.0

vendor:

InterScan Web Security Virtual Appliance

by:

Ivan Huertas

6,8

CVSS

MEDIUM

Local Privilege Escalation

N/A

CWE

Product Name: InterScan Web Security Virtual Appliance

Affected Version From: InterScan Web Security Virtual Aplliance 5.0

Affected Version To: InterScan Web Security Virtual Aplliance 5.0

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Red Hat nash 5.1

2010

Local Privilege Escalation in InterScan Web Security Virtual Appliance 5.0

InterScan Web Security Virtual Appliance has a shell called “uihelper” that has suid bit on. So it could be possible to execute commands as root. Also using the vulnerability “Arbitrary File Upload” remote commands could be run as root.

Mitigation:

Patched

Source

Exploit-DB raw data:

Advisory Name: Local Privilege Escalation in InterScan Web Security Virtual
Apliance 5.0
Internal Cybsec Advisory Id: 2010-0604
Vulnerability Class: Local Privilege Escalation
Release Date: 22-06-2010
Affected Applications: InterScan Web Security Virtual Aplliance 5.0. Other versions may be affected
Affected Platforms: Red Hat nash 5.1
Local / Remote: Local
Severity: Medium - CVSS: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Researcher: Ivan Huertas
Vendor Status: Patched
Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerability_policy.pdf

Vulnerability Description:
InterScan Web Security Virtual Appliance has a shell called “uihelper” that has suid bit on. So it could be possible to execute commands as root. Also using the vulnerability “Arbitrary File Upload” remote commands could be run as root.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14004.pdf (cybsec_advisory_2010_0604_InterScan_Web_Security_5_0_Local_Privilege_Escalation.pdf)