Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

NTOP < 3.2 ntop.init Temporary File Symlink Arbitrary File Overwrite

Medium

Synopsis

The remote host is vulnerable to a local flaw in the way that it creates temporary files.

Description

The remote host is running NTOP, a tool for viewing network configuration, usage, statistics, protocols and much more via a web interface. This version of NTOP is reported ot be prone to a local exploit. Specifically, a local attacker can overwrite critical ntop temporary files, leading to an escalation of privileges.

Solution

Upgrade to version 3.2 or higher.