JVN Info.

Id
27702  
Name
JVNDB-2012-003409  
Title
Invensys Wonderware InTouch における権限を取得される脆弱性  
Summary
Wonderware Application Server などの製品で使用される Invensys Wonderware InTouch には、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。  
Nvdinfo
CVE-2012-3005  
Cvssv2
6.9  
Jvnurl
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003409.html  
Published Date
2012-07-26  
Registered Date
2012-07-30  
Last Updated Date
2012-07-30  

Actions

Related Nessuslogs

Id Log ID Jvninfo Id Plugin ID CVE CVSS Risk Host Protocol Port Name Synopsis Description Solution See Also Plugin Output Actions
7520 H28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv 27702 87942 CVE-2015-6933 4.6 Medium 172.27.137.67 tcp 0 ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) The remote VMware ESXi 5.5 host is affected by a guest privilege escalation vulnerability. The remote VMware ESXi 5.5 host is prior to build 3248547. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges. Apply patch ESXi550-201512102-SG according to the vendor advisory. Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability. http://www.vmware.com/security/advisories/VMSA-2016-0001.html http://kb.vmware.com/kb/2135796 http://kb.vmware.com/kb/2135410 ESXi version : ESXi 5.5 Installed build : 2403361 Fixed build : 3248547
30876 H28-MOJ-Online-Funa-12-seg-v1-161103.csv 27702 87942 CVE-2015-6933 4.6 Medium 172.27.9.67 tcp 0 ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) The remote VMware ESXi 5.5 host is affected by a guest privilege escalation vulnerability. The remote VMware ESXi 5.5 host is prior to build 3248547. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges. Apply patch ESXi550-201512102-SG according to the vendor advisory. Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability. http://www.vmware.com/security/advisories/VMSA-2016-0001.html http://kb.vmware.com/kb/2135796 http://kb.vmware.com/kb/2135410 ESXi version : ESXi 5.5 Installed build : 2403361 Fixed build : 3248547
52132 H28_MUN_DWEB_Q4_172_16_240_seg.csv 27702 87942 CVE-2015-6933 4.6 Medium 172.16.240.150 tcp 0 ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) The remote VMware ESXi 5.5 host is affected by a guest privilege escalation vulnerability. The remote VMware ESXi 5.5 host is prior to build 3248547. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges. Apply patch ESXi550-201512102-SG according to the vendor advisory. Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability. http://www.vmware.com/security/advisories/VMSA-2016-0001.html http://kb.vmware.com/kb/2135796 http://kb.vmware.com/kb/2135410 ESXi version : ESXi 5.5 Installed build : 1892794 Fixed build : 3248547
57702 H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv 27702 87942 CVE-2015-6933 4.6 Medium 172.16.240.150 tcp 0 ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) The remote VMware ESXi 5.5 host is affected by a guest privilege escalation vulnerability. The remote VMware ESXi 5.5 host is prior to build 3248547. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges. Apply patch ESXi550-201512102-SG according to the vendor advisory. Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability. http://www.vmware.com/security/advisories/VMSA-2016-0001.html http://kb.vmware.com/kb/2135796 http://kb.vmware.com/kb/2135410 ESXi version : ESXi 5.5 Installed build : 1892794 Fixed build : 3248547