Websense Triton 7.1.x < 7.1.3 / 7.5.x < 7.5.3 / 7.6.0 < 7.6.1 / 7.6.2 < 7.6.3 Remote Command Execution

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote web server contains a web application that is affected by a
remote command execution vulnerability.

Description :

The remote application is running Websense Triton, a commercial suite
of web filtering products.

The remote instance of Websense Triton fails to sanitize user-supplied
input; the issue specifically affects the 'explorer_wse/ws_irpt.exe'
file. An attacker can exploit this issue to execute arbitrary commands
with SYSTEM-level privileges.

See also :

http://seclists.org/bugtraq/2012/Apr/228
http://www.nessus.org/u?b760104a
http://www.nessus.org/u?fc3d24bb
http://www.nessus.org/u?5344eced
http://www.nessus.org/u?fd549235
http://www.nessus.org/u?65c28103
http://www.nessus.org/u?433ca77e
http://www.websense.com/content/Home.aspx

Solution :

There are no known workarounds or upgrades to correct this issue.
Websense has released the following Hotfixes to address this
vulnerability :

- Hotfix 109 for version 7.1.0
- Hotfix 06 for version 7.1.1
- Hotfix 78 for version 7.5.0
- Hotfix 12 for version 7.5.1
- Hotfix 24 for version 7.6.0
- Hotfix 12 for version 7.6.2

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70119

Bugtraq ID: 51086

CVE ID: CVE-2011-5102
