Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.902294
Category:General
Title:Metasploit Framework Local Privilege Escalation Vulnerability
Summary:This host is installed with Metasploit Framework and is prone to; local privilege escalation vulnerability.
Description:Summary:
This host is installed with Metasploit Framework and is prone to
local privilege escalation vulnerability.

Vulnerability Insight:
The flaw is due to the application being installed with insecure
filesystem permissions in the system's root drive. This can be exploited
to create arbitrary files in certain directories.

Vulnerability Impact:
Successful exploitation will let the local users to execute arbitrary code
with LocalSystem privileges when the 'frameworkPostgreSQL' service is
restarted.

Affected Software/OS:
Metasploit Framework version 3.5.1 and prior on windows.

Solution:
Upgrade Metasploit Framework 3.5.2 or later.

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 46300
Common Vulnerability Exposure (CVE) ID: CVE-2011-1056
http://osvdb.org/70857
http://secunia.com/advisories/43166
http://www.vupen.com/english/advisories/2011/0371
Common Vulnerability Exposure (CVE) ID: CVE-2011-1057
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.