IBM Inventory Scout < Symlink Vulnerability

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote host contains a program that could allow a user to delete
or manipulate files without authorization.

Description :

According to its self-reported version, the Inventory Scout install on
the remote host is a version prior to It, therefore, could
allow a local user to delete arbitrary files or have Inventory Scout
operations operate on arbitrary files using a symlink attack.

See also :

Solution :

Upgrade to Inventory Scout or later.

Alternatively, remove the setuid bit from the affected files using the
following commands :

- chmod 555 /opt/IBMinvscout/bin/invscoutClient_VPD_Survey
- chmod 555 /opt/IBMinvscout/sbin/invscout_lsvpd

Note that this will disable functionality of these commands for all
users except root.

Risk factor :

Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.3
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 73966 ()

Bugtraq ID: 51059

CVE ID: CVE-2011-1384