CVE-2017-9811

CRITICAL

Kaspersky Anti-virus For Linux Server < 8.0.3.297 - Improper Input Validation

Title source: rule

Description

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappslinux

https://www.exploit-db.com/exploits/42269

View Code ZIP pw:eip

References (6)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/143190/Kaspersky-Anti-Virus-File-Server-8.0.3.297-XSS-CSRF-Code-Execution.html

[Exploit, Mailing List, Third Party Advisory, VDB Entry] http://seclists.org/fulldisclosure/2017/Jun/33

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/99330

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038798

[Exploit, Third Party Advisory] https://www.coresecurity.com/advisories/kaspersky-anti-virus-file-server-multiple-vulnerabilities

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/42269/

Scores

CVSS v3 9.8

EPSS 0.2467

EPSS Percentile 96.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-20

Status draft

Affected Products (1)

kaspersky/anti-virus_for_linux_server < 8.0.3.297

Timeline

Published Jul 17, 2017

Tracked Since Feb 18, 2026