Published: 22/03/2017 Updated: 03/10/2019

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 905

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.

Vulnerable Product	Search on Vulmon	Subscribe to Product
alienvault ossim
alienvault unified security management
nfsen nfsen

# Exploit Title: NfSen/AlienVault remote root exploit (IPC query command injection) # Version: NfSen 136p1, 137 and 137-1~bpo80+1_all Previous versions are also likely to be affected # Version: AlienVault 534 # Date: 2017-07-10 # Vendor Homepage: nfsensourceforgenet/ # Vendor Homepage: wwwalienvaultcom/ # Software Link: ...

Exploit for CVE-2017-6971 remote command execution in nfsen 1.3.7.

nfsen-exploit Exploit for CVE-2017-6971 remote command execution in nfsen 137 Tested on Ubuntu, probably works on everything Vulnerability discovered by Paul Taylor/Foregenix Ltd Usage: python exploitpy <local ip> <local port> <target ip> <path> This generates a root-level shell on the remote machine

CWE-74 https://www.alienvault.com/forums/discussion/8325/https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/https://www.alienvault.com/forums/discussion/8698 https://www.exploit-db.com/exploits/42306/https://nvd.nist.gov https://github.com/patrickfreed/nfsen-exploit https://www.exploit-db.com/exploits/42306/

CVE-2017-6971

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect