Detections
Analytics

ClarkConnect Linux clarkconnectd Remote Information Disclosure

medium Nessus Plugin ID 11277

Synopsis

A service on the remote host is disclosing information.

Description

The 'clarkconnectd' service appears to be listening on this port.
This service provides sensitive information to remote, unauthenticated users, such as a list of running processes, the contents of /var/log/messages, the contents of the snort log, and more.

A remote attacker could use this information to mount further attacks.

Solution

Disable the clarkconnectd service.

See Also

https://seclists.org/bugtraq/2003/Feb/320

Plugin Details

Severity: Medium

ID: 11277

File Name: clarkconnectd.nasl

Version: 1.17

Type: remote

Family: Misc.

Published: 2/28/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2003-1379

BID: 6934

CWE: 200

Secunia: 8171