HTTP: Kaspersky Anti-Virus for Linux File Server getReportStatus Directory Traversal

This signature detects attempts to exploit a known vulnerability in Kaspersky Anti-Virus for Linux File Server. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

In the web interface of Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the reportId parameter of the getReportStatus action method can be abused to read arbitrary files with kluser privileges.

Affected Products

Kaspersky anti-virus_for_linux_server

Short Name: HTTP:DIR:KSPRSKY-AV-LINX-FSRVR
Severity: Minor
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: Anti-Virus CVE-2017-9812 Directory File Kaspersky Linux Server Traversal for getReportStatus
Release Date: 02/09/2022
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3759
False Positive: Unknown
Vendors

Kaspersky

CVSS Score

5.0
