OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified that this vulnerability allows privilege escalation within the OpenVAS Manager but more complex injection may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems.
Classification
Location:
Remote / Network Access
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Solution:
Patch / RCS,
Upgrade
Exploit:
Exploit Public
Disclosure:
Vendor Verified,
Coordinated Disclosure
OSVDB:
Web Related,
Security Software
Solution
Upgrade to version 1.0.4 or 2.0.0rc3 or higher, as it has been reported to fix this vulnerability. In addition, Greenbone Networks has released a patch for some older versions.
