The host is running Verax Network Management System and is prone to multiple vulnerabilities.

Successful exploitation will allow remote attackers to bypass certain security restrictions, perform unauthorized actions and obtain sensitive information. This may aid in launching further attacks. Impact Level: Application

Upgrade to Verax NMS 2.1.0 or later, For updates refer to http://www.veraxsystems.com/en/products/nms

- An improper restricting access to certain actions via Action Message Format (AMF), which can be exploited to retrieve user information by requesting certain objects via AMF - The decryptPassword() uses a static, hard coded private key to facilitate process. These passwords should be considered insecure due to the fact that recovering the private key is decidedly trivial. - The private and public keys are hard coded into clientMain.swf the encrypted password could be captured and replayed against the service by an attacker. - The Verax NMS Console, users can navigate to monitored devices and perform predefined actions (NMSAction), such as repairing tables on a MySQL database or restarting services.

Verax NMS version prior to 2.1.0

• http://seclists.org/bugtraq/2013/Mar/35
• http://seclists.org/bugtraq/2013/Mar/36
• http://seclists.org/bugtraq/2013/Mar/37
• http://seclists.org/bugtraq/2013/Mar/38
• http://secunia.com/advisories/52473
• http://www.securityfocus.com/archive/1/525916
• http://www.securityfocus.com/archive/1/525917
• http://www.securityfocus.com/archive/1/525918

---

Updated on 2015-03-25