[Full-disclosure] Panda Antivirus EoP (BID 25186)

edi.strosarvarnostne-novice.com
Date: Sat Aug 04 2007 - 17:49:39 CDT


Hello list,

regarding BID 25186 (disclosed by tarkus)
http://www.securityfocus.com/bid/25186/

we discovered that Panda Antivirus 2007 is also vulnerable
to an insecure file permission issue. Least privileged users
could elevate their privileges to Local System by renaming
and replacing any of the following files within the Panda
installation directory:

pavsrv51.exe (Panda AV Service)
psimsvc.exe (Panda IManager Service)
psctrls.exe (Panda Software Controller)

Sincerely,
Edi Strosar (Team Intell)

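
A defender-side check for the permission problem the advisory describes, added here as an example and not part of the original post: it lists allow ACEs on the installation directory and the three named service binaries that give broad, low-privileged principals write, delete or re-permission rights. `$InstallDir` is a placeholder because the message does not give the path; the SID list and the rights mask are assumptions chosen for this example.

```powershell
param(
    # Placeholder: the advisory does not state the installation path.
    [string]$InstallDir = 'C:\PLACEHOLDER\PandaInstallDir',
    # File names taken from the advisory.
    [string[]]$Binaries = @('pavsrv51.exe', 'psimsvc.exe', 'psctrls.exe')
)

# Well-known SIDs for broad, non-administrative principals (locale independent).
$lowPriv = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}
# Individual rights that permit renaming, replacing or re-permissioning a file.
$risky   = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$generic = 0x50000000   # GENERIC_WRITE | GENERIC_ALL, stored unmapped in some ACLs

function Get-WeakAce {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Request SIDs instead of account names so the lookup works on any language edition.
    foreach ($ace in $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or -not $lowPriv.ContainsKey($sid)) { continue }
        $mask = [int]$ace.FileSystemRights
        if (($mask -band $risky) -or ($mask -band $generic)) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $lowPriv[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Check the directory itself (rename/replace needs rights there) and each service binary.
$targets  = @($InstallDir) + ($Binaries | ForEach-Object { Join-Path $InstallDir $_ })
$findings = foreach ($t in $targets) {
    if (Test-Path -LiteralPath $t) { Get-WeakAce -Path $t }
    else { Write-Warning "Not found: $t" }
}
if ($findings) { $findings | Format-Table -AutoSize }
else { 'No write-type ACEs for low-privileged principals on the checked paths.' }
```

Any row in the output marks a path where the ACL should be tightened so that only administrators and SYSTEM can modify files that run as a service.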