BID:25214

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

Info

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

Bugtraq ID:	25214
Class:	Input Validation Error
CVE:	CVE-2007-4226
Remote:	Yes
Local:	No
Published:	Aug 06 2007 12:00AM
Updated:	May 07 2015 05:36PM
Credit:	defaultroute of Template Security is credited with the discovery of this issue.
Vulnerable:	Bluecat Networks Adonis (Firmware) 5.0.2 .8

Not Vulnerable:

Discussion

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability. This issue occurs when Proteus appliances are used to upload files to an affected Adonis appliance for TFTP download.

An attacker with administrative privileges can exploit this issue to write arbitrary data with superuser privileges. A successful attack will result in the complete compromise of an affected appliance.

Adonis 5.0.2.8 is vulnerable; other versions may also be affected.

Exploit / POC

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

The following example exploit is available:

/data/vulnerabilities/exploits/25214.txt

Solution / Fix

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

Solution:
The vendor indicates that this issue is fixed in Proteus 2.0.5.

References

BlueCat Networks Adonis TFTP Remote Privilege Escalation Vulnerability

References:

Vendor Homepage (BlueCat Networks)
Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access ([email protected])
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access (defaultroute)