Signature Detail
Short Name |
HTTP:CONTENTKEEPER-BENETOOL-CE |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
ContentKeeper Web Appliance benetool Remote Command Execution |
Release Date |
2014/06/20 |
Update Number |
1829 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: ContentKeeper Web Appliance benetool Remote Command Execution
This signature detects attempts to exploit a known vulnerability against ContentKeeper Web Appliance. A successful attack can lead to arbitrary code execution.
Extended Description
ContentKeeper is prone to multiple remote vulnerabilities: - An unauthorized-access vulnerability - An arbitrary-file-overwrite vulnerability - A remote command-execution vulnerability - A remote privilege-escalation vulnerability Attackers can exploit these issues to gain unauthorized access to certain binaries, overwrite arbitrary files, execute arbitrary commands, and gain elevated access to the affected computer. ContentKeeper 125.09 and earlier are vulnerable.
Affected Products
- ContentKeeper Technologies ContentKeeper 123.25
- ContentKeeper Technologies ContentKeeper 125.09
References
- BugTraq: 34354