Test ID:	1.3.6.1.4.1.25623.1.0.113138
Category:	General
Title:	Panda Global Protection <= 17.0.1 Multiple Vulnerabilities
Summary:	Panda Global Protection is prone to multiple vulnerabilities.
Description:	Summary: Panda Global Protection is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection allows local users to gain privileges via a malicious artifact. Panda Global Protection allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an 'insecurely created named pipe'. Ensures full access to Everyone users group. Vulnerability Impact: Successful exploitation could allow an attacker to gain complete control over the target system. Affected Software/OS: Panda Global Protection through version 17.0.1 Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-6321 http://seclists.org/fulldisclosure/2018/Mar/25 Common Vulnerability Exposure (CVE) ID: CVE-2018-6322 http://seclists.org/fulldisclosure/2018/Mar/26
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.