McAfee LinuxShield <= 1.5.1 nailsd Daemon Remote Privilege Escalation

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

An application on the remote host is affected by a privilege escalation
vulnerability.

Description :

The version of McAfee LinuxShield installed on the remote host is 1.5.1
or earlier. As such, it potentially is affected by a privilege
escalation vulnerability because it does not properly authenticate
clients. An attacker able to log into the remote host can leverage this
vulnerability to authenticate to the application's 'nailsd' daemon and
do configuration changes as well as execute tasks subject to the
privileges with which the 'nailsd' daemon operates.

See also :

http://sotiriu.de/adv/NSOADV-2010-004.txt
http://seclists.org/bugtraq/2010/Mar/26

Solution :

Upgrade to LinuxShield 1.5.1 if necessary and install hotfix
HF550192

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 70195 ()

Bugtraq ID: 38489

CVE ID: CVE-2009-5116