HP Remote Watch showdisk Remote Privilege Escalation

high Nessus Plugin ID 10202

Synopsis

Arbitrary commands can be run on the remote server.

Description

remwatch is installed and allows anyone to execute arbitrary commands.

An attacker may run shell commands as root by connecting to the remwatch daemon and issuing the command: ' 11T ; /bin/ksh'.

Solution

Deactivate the remwatch service. Contact your vendor for a patch.

Plugin Details

Severity: High

ID: 10202

File Name: remwatch.nasl

Version: 1.21

Type: remote

Published: 8/31/1999

Updated: 8/13/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

Vulnerability Publication Date: 10/24/1996

Reference Information

CVE: CVE-1999-0246