Recourse Technologies : Security Vulnerabilities, CVEs,
Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files.
Max CVSS
4.6
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment.
Max CVSS
2.1
EPSS Score
0.07%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
7 vulnerabilities found