Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2011-1597
CVE-2011-1597:
OpenVAS vulnerability analysis and mitigation
Overview
OpenVAS Manager version 2.0.3 was found to contain a severe security vulnerability that allows remote code execution through plugin manipulation. The vulnerability was discovered and disclosed in April 2011, receiving the identifier CVE-2011-1597. The affected component is specifically the OpenVAS Manager software version 2.0.3 (CVE Mitre, Openwall).
Technical details
The vulnerability allows a rogue user to execute arbitrary code with the privileges of the user running the OpenVAS Manager. This is achieved by crafting a special report format plugin and leveraging knowledge about the operating system on which OpenVAS Manager is running (Openwall).
Impact
When successfully exploited, this vulnerability allows attackers to execute arbitrary code with the same privileges as the OpenVAS Manager service user, potentially compromising the entire system where the OpenVAS Manager is running (Openwall).
Mitigation and workarounds
The issue was addressed in versions after OpenVAS Manager 2.0.3. Users should upgrade to a newer version of OpenVAS Manager to mitigate this vulnerability (Openwall).
Additional resources
Source: This report was generated using AI
Related OpenVAS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management