Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:OPENMEDIAVAULT-AUTHEN-ACE
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	OpenMediaVault Authentication Arbitrary Command Execution
Release Date	2015/06/09
Update Number	2503
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: OpenMediaVault Authentication Arbitrary Command Execution

This signature detects attempts to exploit a known vulnerability against Open Media Vault. A successful attack can result in a arbitrary command execution.

Extended Description

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

Affected Products

Openmediavault openmediavault -

References

BugTraq: 62873
CVE: CVE-2013-3632
URL: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: OpenMediaVault Authentication Arbitrary Command Execution

Extended Description

Affected Products

References