Summary
Visionsoft Audit multiple vulnerability detection
The Visionsoft Audit on Demand service may be vulnerable to multiple issues which can be exploited remotely without authentication:
Heap overflow via LOG command (CVE-2007-4148)
Multiple arbitrary file overwrites via LOG and SETTINGSFILE command (CVE-2007-4149) Denial of service via UNINSTALL command (CVE-2007-4149)
Additionally, the underlying protocol for authentication has been reported as being vulnerable to replay attacks (CVE-2007-4152) and the settings file is typically installed with inappropriate permissions (CVE-2007-4150).
On the following platforms, we recommend you mitigate in the described manner:
Visionsoft Audit 12.4.0.0
We recommend you mitigate in the following manner:
Filter inbound traffic to 5957/tcp to only known management hosts
Solution
We recommend that Visionsoft are contacted for a patch.
References
- http://www.portcullis-security.com/197.php
- http://www.portcullis-security.com/198.php
- http://www.portcullis-security.com/199.php
- http://www.portcullis-security.com/203.php
- http://www.portcullis-security.com/204.php
- http://www.portcullis-security.com/205.php
- http://www.portcullis-security.com/206.php
- http://www.portcullis-security.com/207.php
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-4148, CVE-2007-4149, CVE-2007-4150, CVE-2007-4151, CVE-2007-4152 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities