Published: 26/11/2012 Updated: 25/11/2013

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x prior to 3.0.4 allows remote malicious users to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvas openvas manager 3.0
openvas openvas manager 3.0.0
openvas openvas manager 3.0.1
openvas openvas manager 3.0.2
openvas openvas manager 3.0.3

It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests It has been identified that this vulnerability may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems ...

CWE-20 http://openwall.com/lists/oss-security/2012/11/14/11 http://archives.neohapsis.com/archives/bugtraq/2012-11/0047.html http://www.openvas.org/OVSA20121112.html http://openwall.com/lists/oss-security/2012/11/14/5 http://openwall.com/lists/oss-security/2012/11/13/9 http://wald.intevation.org/scm/viewvc.php?view=rev&root=openvas&revision=14437 http://openwall.com/lists/oss-security/2012/11/13/12 http://www.securityfocus.com/bid/56497 http://secunia.com/advisories/49128 http://archives.neohapsis.com/archives/bugtraq/2012-11/0055.html http://archives.neohapsis.com/archives/bugtraq/2012-11/0059.html https://nvd.nist.gov https://packetstormsecurity.com/files/118056/OpenVAS-Command-Injection.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5520

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect