Summary
Pandora FMS versions 5.0RC1 and below suffer from a code execution vulnerability.
Impact
Successful exploits will allow remote attackers to execute arbitrary commands within the context of the 'pandora' user.
Solution
Update to Pandora FMS 5.0 final.
Insight
The Pandora 4.0.3 / 4.1 / 5.0 RC1 appliances are prone to security vulnerabilities. The Anytermd daemon used for the SSH/Telnet gateway on TCP ports 8022/8023 is vulnerable to command injection in the "p" POST parameter, which allows any unauthenticated attacker to execute arbitrary commands with the rights of the "pandora" user.
Affected
Pandora FMS versions 5.0RC1 and below.
Detection
Try to execute a command on the remote host by sending specially crafted HTTP requests.
References
Updated on 2015-03-25