McAfee LinuxShield <= 1.5.1 nailsd Daemon Remote Privilege Escalation

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

An application on the remote host is affected by a privilege escalation
vulnerability.

Description :

The version of McAfee LinuxShield installed on the remote host is 1.5.1
or earlier. As such, it is potentially affected by a privilege
escalation vulnerability because it does not properly authenticate
clients. An attacker able to log into the remote host can leverage this
vulnerability to authenticate to the application's 'nailsd' daemon,
make configuration changes, and execute tasks with the privileges
under which the 'nailsd' daemon operates.

See also :

http://sotiriu.de/adv/NSOADV-2010-004.txt
http://seclists.org/bugtraq/2010/Mar/26

Solution :

Upgrade to LinuxShield 1.5.1 if necessary and install hotfix HF550192.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 70195

Bugtraq ID: 38489

CVE ID: CVE-2009-5116
