Vulnerability Details : CVE-2013-4984
Public exploit exists!
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Exploit prediction scoring system (EPSS) score for CVE-2013-4984
0.47%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-4984
-
Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation
Disclosure Date: 2013-09-06First seen: 2020-04-26exploit/linux/local/sophos_wpa_clear_keysThis module abuses a command injection on the clear_keys.pl perl script, installed with the Sophos Web Protection Appliance, to escalate privileges from the "spiderman" user to "root". This module is useful for post exploitation of vulnerabilities on the Sophos Web Protectio
CVSS scores for CVE-2013-4984
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2013-4984
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4984
-
http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities
Sophos Web Protection Appliance Multiple Vulnerabilities | Core SecurityExploit;Technical Description;Vendor Advisory
-
http://www.sophos.com/en-us/support/knowledgebase/119773.aspx
Sophos CommunityBroken Link
Products affected by CVE-2013-4984
- cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.8:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:web_appliance:3.0.2:*:*:*:*:*:*:*