Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:CTS:NTOP-NG-PRIV-ESC
Severity	Minor
Recommended	No
Category	HTTP
Keywords	Ntop-ng Privilege Escalation
Release Date	2020/02/04
Update Number	3251
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Ntop-ng Privilege Escalation

This signature detects attempts to exploit a known vulnerability against Ntop-ng. A successful attack can lead to elevation of privilege and arbitrary code execution.

Extended Description

ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.

Affected Products

Ntop ntopng 2.0.151021

References

CVE: CVE-2015-8368

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Ntop-ng Privilege Escalation

Extended Description

Affected Products

References