ID de Prueba:	1.3.6.1.4.1.25623.1.0.801080
Categoría:	Privilege escalation
Título:	Panda Products 'CVE-2009-4215' Privilege Escalation Vulnerability
Resumen:	panda Products is prone to a privilege escalation vulnerability.
Descripción:	Summary: panda Products is prone to a privilege escalation vulnerability. Vulnerability Insight: This flaw is due to insecure permissions being set on the 'PavFnSvr.exe' file (Everyone/Full Control) within the installation directory, which could be exploited by malicious users to replace the affected file with a malicious binary which will be executed with SYSTEM privileges. Vulnerability Impact: Successful exploitation will let the attacker replace the affected binary file with a malicious binary which will be executed with SYSTEM privileges. Affected Software/OS: Panda AntiVirus Pro 2010 version 9.01.00 and prior. Panda Internet Security 2010 version 15.01.00 and prior. Panda Global Protection 2010 version 3.01.00 and prior. Solution: Apply the security updates from the linked references. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4215 Bugtraq: 20091111 Panda Security Software Local Privilege Escalation (Google Search) http://www.securityfocus.com/archive/1/507811/100/0/threaded http://www.securitytracker.com/id?1023121 http://secunia.com/advisories/37373 http://www.vupen.com/english/advisories/2009/3126 XForce ISS Database: panda-directory-privilege-escalation(54268) https://exchange.xforce.ibmcloud.com/vulnerabilities/54268
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.