VAR-190001-1140
Vulnerability from variot - Updated: 2022-05-17 01:50

Trendmicro IWSS provides dynamic, integrated security for enterprise networks at the gateway against Web-based attacks. Trendmicro IWSS has a security hole that allows an attacker to gain root access. The program "patchCmd" has the setuid and setgid bits set and can be executed by all users. Its code calls setuid(0) before system(), so whatever system() launches runs with root privileges even though the calling user does not hold them. Depending on its input parameter, 'patchCmd' uses system() to call two scripts: "./PatchExe.sh" and "./RollbackExe.sh". The leading "./" means each script is looked up in the current working directory, so an attacker who runs the program from another path can have arbitrary scripts of their own creation executed with root privileges. The underlying flaw is a setuid-root program that resolves its helper scripts by relative path; invoking them by absolute path from a root-owned, non-writable directory, or removing the setuid bit, addresses it. Trendmicro IWSS is prone to a local privilege-escalation vulnerability. Trendmicro IWSS 3.1 is vulnerable; other versions may also be affected.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-1140",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "interscan websecuritysuite",
"scope": "eq",
"trust": 1.1,
"vendor": "trend micro",
"version": "3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "BID",
"id": "50380"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buguroo Offensive Security",
"sources": [
{
"db": "BID",
"id": "50380"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trendmicro IWSS provides dynamic, integrated security for enterprise networks at the gateway for Web-based attacks. Trendmicro IWSS has a security hole that allows an attacker to gain root access. The program \\\"patchCmd\\\" sets the corresponding \\\"setuid\\\" and \\\"setgid\\\" to allow all users to execute. The code executes setuid(0) before system() to allow ROOT permission to be executed during execution without the user\u0027s corresponding permission. According to the input parameter system() of \u0027patchCmd\u0027, two scripts are called: \\\"./PatchExe.sh\\\" and \\\"./RollbackExe.sh\\\". You can see that the string \\\"./\\\" indicates execution in the current directory, and the attacker passes the other PATH creates arbitrary scripts to execute with ROOT privileges. Trendmicro IWSS is prone to a local privilege-escalation vulnerability. \nTrendmicro IWSS 3.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "BID",
"id": "50380"
},
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "50380",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-4513",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643",
"trust": 0.6
},
{
"db": "IVD",
"id": "2B4CA414-1F82-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "BID",
"id": "50380"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
]
},
"id": "VAR-190001-1140",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4513"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4513"
}
]
},
"last_update_date": "2022-05-17T01:50:41.718000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://buguroo.com/adv/bsa-2011-002.txt"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/50380"
},
{
"trust": 0.3,
"url": "http://us.trendmicro.com/us/products/enterprise/interscan-web-security-suite/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "BID",
"id": "50380"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "BID",
"id": "50380"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-27T00:00:00",
"db": "IVD",
"id": "2b4ca414-1f82-11e6-abef-000c29c66e3d"
},
{
"date": "2011-10-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"date": "2011-10-26T00:00:00",
"db": "BID",
"id": "50380"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"date": "2011-10-26T00:00:00",
"db": "BID",
"id": "50380"
},
{
"date": "2011-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "50380"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trendmicro IWSS Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4513"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201110-643"
}
],
"trust": 0.6
}
}