Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.801080
Kategorie:Privilege escalation
Titel:Panda Products 'CVE-2009-4215' Privilege Escalation Vulnerability
Zusammenfassung:This host is running panda Products and is prone to Privilege; Escalation Vulnerability.
Beschreibung:Summary:
This host is running panda Products and is prone to Privilege
Escalation Vulnerability.

Vulnerability Insight:
This flaw is due to insecure permissions being set on the 'PavFnSvr.exe'
file (Everyone/Full Control) within the installation directory, which could be
exploited by malicious users to replace the affected file with a malicious
binary which will be executed with SYSTEM privileges.

Vulnerability Impact:
Successful exploitation will let the attacker replace the affected binary file
with a malicious binary which will be executed with SYSTEM privileges.

Affected Software/OS:
Panda AntiVirus Pro 2010 version 9.01.00 and prior.

Panda Internet Security 2010 version 15.01.00 and prior.

Panda Global Protection 2010 version 3.01.00 and prior.

Solution:
Apply the security updates from the linked references.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-4215
Bugtraq: 20091111 Panda Security Software Local Privilege Escalation (Google Search)
http://www.securityfocus.com/archive/1/507811/100/0/threaded
http://www.securitytracker.com/id?1023121
http://secunia.com/advisories/37373
http://www.vupen.com/english/advisories/2009/3126
XForce ISS Database: panda-directory-privilege-escalation(54268)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54268
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.