PT-2014-05: Privilege Gaining in Nixu Namesurfer

Vulnerable software
Nixu Namesurfer
Version: 7.2.2 and earlier
Link: http://www.nixusoftware.com/our_products_ipam.html

Severity level
Severity level: High
Impact: Privilege Gaining, Arbitrary Code Execution
Access Vector: Remote
CVSS v2: Base Score: 9.0
Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVE: not assigned

Software description
Nixu Namesurfer implements a unified system for managing DNS servers via a web interface.

Vulnerability description
The specialists of the Positive Research Center have detected a Privilege Gaining vulnerability in Nixu Namesurfer.
An attacker could set the $PATH variable to the directory containing his/her malicious file. An application with the suid bit set resolves commands through that $PATH and will execute the malicious file with its elevated privileges. Thus the attacker obtains the highest privilege level in the system.

How to fix
Update your software to the latest version.

Advisory status
16.01.2014 - Vendor gets vulnerability details
14.03.2014 - Vendor releases fixed version and details
27.03.2014 - Public disclosure

Credits
The vulnerability was detected by Alexey Osipov, Alexander Tlyapov, and Valentin Shilnenkov, Positive Research Center (Positive Technologies Company).

References
http://en.securitylab.ru/lab/PT-2014-05
Reports on the vulnerabilities previously discovered by Positive Research:
http://www.ptsecurity.com/research/advisory/
http://en.securitylab.ru/lab/
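The defensive pattern that closes this class of bug in a setuid helper, as an added illustration that is not Nixu's code: the inherited $PATH is discarded and command names are resolved only inside a fixed list of trusted directories (the directory list and function names are assumptions for the example).

```c
/* Hardening pattern for a setuid helper: never trust the caller's $PATH.
 * Added example, not code from Nixu Namesurfer. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Directories a privileged helper may load executables from (assumption). */
static const char *const TRUSTED_DIRS[] = { "/usr/bin", "/bin", NULL };

/* Overwrite the inherited PATH so anything later run through system()
 * or execvp() cannot be redirected by the unprivileged caller. */
int harden_path(void)
{
    return setenv("PATH", "/usr/bin:/bin", 1) == 0 ? 0 : -1;
}

/* Resolve a bare command name (no '/' allowed) to an absolute path in a
 * trusted directory. Returns 0 and fills `out` on success, -1 otherwise. */
int resolve_trusted(const char *name, char *out, size_t outlen)
{
    struct stat st;
    if (name == NULL || *name == '\0' || strchr(name, '/') != NULL)
        return -1;                 /* relative and absolute paths refused */
    for (int i = 0; TRUSTED_DIRS[i] != NULL; i++) {
        int n = snprintf(out, outlen, "%s/%s", TRUSTED_DIRS[i], name);
        if (n < 0 || (size_t)n >= outlen)
            return -1;             /* would truncate: refuse rather than guess */
        if (stat(out, &st) == 0 && S_ISREG(st.st_mode) && (st.st_mode & S_IXUSR))
            return 0;              /* regular, executable file in a trusted dir */
    }
    return -1;                     /* not present in any trusted directory */
}

int main(void)
{
    char path[256];
    if (harden_path() != 0)
        return 1;
    if (resolve_trusted("sh", path, sizeof path) == 0)
        printf("would exec %s\n", path);
    if (resolve_trusted("../tmp/evil", path, sizeof path) != 0)
        puts("rejected: command names may not contain '/'");
    return 0;
}
```

The resolved absolute path is what a helper should pass to execv(), so the lookup never consults the environment at all.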