IBM Inventory Scout < 2.2.0.19 Symlink Vulnerability

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host contains a program that could allow a user to delete
or manipulate files without authorization.

Description :

According to its self-reported version, the Inventory Scout install on
the remote host is a version prior to 2.2.0.19. It, therefore, could
allow a local user to delete arbitrary files or have Inventory Scout
operations operate on arbitrary files using a symlink attack.

See also :

http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc
http://www-01.ibm.com/support/docview.wss?uid=isg1IV11643

Solution :

Upgrade to Inventory Scout 2.2.0.19 or later.

Alternatively, remove the setuid bit from the affected files using the
following commands :

- chmod 555 /opt/IBMinvscout/bin/invscoutClient_VPD_Survey
- chmod 555 /opt/IBMinvscout/sbin/invscout_lsvpd

Note that this will disable functionality of these commands for all
users except root.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:L/AC:H/Au:N/C:N/I:C/A:N)
CVSS Temporal Score : 3.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 73966 ()

Bugtraq ID: 51059

CVE ID: CVE-2011-1384