Detections
Analytics

Groovy Shell Unauthenticated Remote Command Execution

high Nessus Plugin ID 66325

Language:

Synopsis

The remote host has an unprotected shell listening that allows for remote command execution.

Description

The remote host has an unprotected Groovy Shell bound to a TCP port that is listening and allows for commands to be executed by an unauthenticated, remote attacker. This shell is known to be included with Lexmark Markvision.

Solution

Disable or restrict access to the shell. If running Lexmark Markvision, upgrade to version 1.8.0 or higher.

See Also

http://groovy.codehaus.org/Groovy+Shell

http://www.nessus.org/u?db169a54

Plugin Details

Severity: High

ID: 66325

File Name: groovy_shell_code_exec.nasl

Version: 1.5

Type: remote

Family: Misc.

Published: 5/6/2013

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-3055

Vulnerability Information

CPE: x-cpe:/a:codehaus:groovy

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2013-3055

BID: 59513