Vulnerability CVE-2017-17384


Published: 2017-12-07

Description:
ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Ispconfig
Product: Ispconfig 
Version:
3.1.8
3.1.7
3.1.6
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1
3.0.5.4
3.0.5.3
3.0.5.2
3.0.5.1
3.0.5
3.0.4.6
3.0.4.3
3.0.4.2
3.0.4.1
3.0.4
3.0.3.3
3.0.3.2
3.0.3.1
3.0.3
3.0.2.2
3.0.2.1
3.0.2

CVSS2 => (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9/10
10/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/

Related CVE
CVE-2015-4119
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php...
CVE-2015-4118
SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote atta...
CVE-2006-3042
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][cl...
CVE-2006-2315
** DISPUTED ** PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed t...

Copyright 2018, cxsecurity.com

 

Back to Top