McAfee LinuxShield <= 1.5.1 nailsd Daemon Remote Privilege Escalation

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

An application on the remote host is affected by a privilege escalation

Description :

The version of McAfee LinuxShield installed on the remote host is 1.5.1
or earlier. As such, it potentially is affected by a privilege
escalation vulnerability because it does not properly authenticate
clients. An attacker able to log into the remote host can leverage this
vulnerability to authenticate to the application's 'nailsd' daemon and
do configuration changes as well as execute tasks subject to the
privileges with which the 'nailsd' daemon operates.

See also :

Solution :

Upgrade to LinuxShield 1.5.1 if necessary and install hotfix

Risk factor :

Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.4
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 70195 ()

Bugtraq ID: 38489

CVE ID: CVE-2009-5116

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now