ScriptLogic Multiple Service Remote Privilege Escalation

This script is Copyright (C) 2003-2016 Tenable Network Security, Inc.


Synopsis :

The remote service may be vulnerable to an access control breach.

Description :

The ScriptLogic service is running on this port.

There is a flaw in versions up to 4.05 of this service which may allow
an attacker to write arbitrary values in the remote registry with
administrator privileges, which can be used to gain a shell on this
host.

*** Since Nessus was unable to determine the version of ScriptLogic
*** running on this host, this might be a false positive.

Solution :

Upgrade to ScriptLogic 4.15 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 11562 ()

Bugtraq ID: 7475
7477

CVE ID: CVE-2003-1121

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now