NTOP Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 2720

Synopsis

The remote host is missing a critical security patch or upgrade.

Description

The remote host is running NTOP, a tool for viewing network configuration, usage, statistics, protocols, and much more via a web interface. This version of NTOP is reported to be prone to at least four (4) vulnerabilities. An attacker exploiting these flaws would be able to execute arbitrary code on the target server.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.ntop.org

Plugin Details

Severity: Critical

ID: 2720

File Name: 2720.prm

Family: CGI

Published: 2005/03/18

Modified: 2016/01/19

Dependencies: 2719

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2002-0412, CVE-2000-0705, CVE-2000-0706

BID: 4225, 1550, 1576, 1840

OSVDB: 1496, 1513, 5307, 6512