Detections
Analytics
Visnetic AntiVirus Plug-in for MailServer Local Privilege Escalation
high Nessus Plugin ID 20993
Synopsis
The remote Windows application is prone to a local privilege escalation issue.Description
The version of VisNetic AntiVirus Plug-in for MailServer installed on the remote host does not drop its privileges before invoking other programs. An attacker with local access can exploit this flaw to execute arbitrary programs on the affected host with LOCAL SYSTEM privileges.Solution
Upgrade to VisNetic AntiVirus Plug-in for VisNetic MailServer version 4.6.1.2 or later.See Also
https://secuniaresearch.flexerasoftware.com/community/research/
Plugin Details
Severity: High
ID: 20993
File Name: visnetic_antivirus_priv_escalation.nasl
Version: 1.14
Type: local
Agent: windows
Family: Windows
Published: 3/3/2006
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 2/23/2006
Reference Information
CVE: CVE-2006-0812
BID: 16788