Test ID:	1.3.6.1.4.1.25623.1.0.105061
Category:	Web application abuses
Title:	Infoblox NetMRI OS Command Injection Vulnerability
Summary:	Infoblox NetMRI is prone to a OS Command Injection Vulnerability.
Description:	Summary: Infoblox NetMRI is prone to a OS Command Injection Vulnerability. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary code as root. Affected Software/OS: Infoblox NetMRI versions 6.4.X.X-6.8.4.X are vulnerable. Other versions may also be affected. Solution: Update to Infoblox NetMRI >= 6.8.5. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3418 BugTraq ID: 68471 http://www.securityfocus.com/bid/68471 Bugtraq: 20140709 OS Command Injection Infoblox Network Automation (Google Search) http://www.securityfocus.com/archive/1/532709/100/0/threaded http://www.exploit-db.com/exploits/34030 http://seclists.org/fulldisclosure/2014/Jul/35 http://blog.depthsecurity.com/2014/07/os-command-injection-in-infoblox-netmri.html https://github.com/depthsecurity/NetMRI-2014-3418 XForce ISS Database: infoblox-cve20143418-command-exec(94449) https://exchange.xforce.ibmcloud.com/vulnerabilities/94449 Common Vulnerability Exposure (CVE) ID: CVE-2014-3419 BugTraq ID: 68473 http://www.securityfocus.com/bid/68473 Bugtraq: 20140709 Weak Local Database Credentials in Infoblox Network Automation (Google Search) http://www.securityfocus.com/archive/1/532710/100/0/threaded http://packetstormsecurity.com/files/127410/Infoblox-6.8.4.x-Weak-MySQL-Password.html http://www.securitytracker.com/id/1030542 XForce ISS Database: infoblox-cve20143419-default-account(94450) https://exchange.xforce.ibmcloud.com/vulnerabilities/94450
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.