NASLDB: Rendezvous < 7.5.1 HTTP Admin Interface Remote Overflow
General
ID: 21677
Name: Rendezvous < 7.5.1 HTTP Admin Interface Remote Overflow
Summary: Checks version number in Rendezvous
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: CVSS2#E:F/RL:W/RC:C
Port: 7580
Family: Gain a shell remotely
Type: Remote
Description
The remote host appears to be running Rendezvous, a commercial
messaging software product used for building distributed applications
According to its banner, several of the components in the version of
Rendezvous installed on the remote host contain a buffer overflow
vulnerability in the HTTP administrative interface that may allow
arbitrary code execution subject to the privileges of the user that
invoked the daemon, or ‘nobody’ in the case the remote system is
‘unix’ and the invoking user was ‘root’.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2006-2830
OSVDB: 26155
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2006/06/05
Patch Release: –
Plugin Release: 2006/06/10
Plugin
Version: 1.16
Filename: rendezvous_751.nasl
Filesize: 2639 bytes
MD5 Hash: ac5bc6797f132e3ca3da532fbfa106f9
Identification: –
Require Keys: –
Dependencies: "http_version.nasl"
Copyright: This script is Copyright© 2006-2011 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack