PSEvents.exe within several Panda Security products runs hourly with SYSTEM privileges. When run, it checks a user writable folder for certain DLL files, and if any are found they are automatically run. Vulnerable products include Panda Global Protection 2016 versions 16.1.2 and below, Panda Antivirus Pro 2016 versions 16.1.2 and below, Panda Small Business Protection versions 16.1.2 and below, and Panda Internet Security 2016 versions 16.1.2 and below.
675a9794c4c179230ddd016c62462e8da69b4d5e807de5679903fd32ada74613TrendMicro InterScan Web Security Virtual Appliance remote code execution exploit that leverages the shellshock vulnerability to spawn a connect-back shell. TrendMicro has contacted Packet Storm and provided the following link with patch information: <a href="https://success.trendmicro.com/solution/1105233">https://success.trendmicro.com/solution/1105233</a>
7eefbb330b7be36adf17cb7725410f679d2aeac775a9e31cf85234029e4b66ccPuppet Enterprise Web Interface versions prior to 2016.4.0 suffer from a user enumeration vulnerability.
54d7ee759e692370673e959d8a665bb7bb0ccdcfb52e28fb2e44109f9eda1fc7Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from an open redirection vulnerability.
b98c74f7649da779a08cd2eca2a2e14d384928318bd554d0497d39c7da5a823bFreePBX version 10.13.66 suffers from remote command execution and privilege escalation vulnerabilities.
0e78946ab50b06ff02464f83d40a65173f267a943a054ee0e20ccb5441084794The Linux subsystem on Windows suffers from a privilege escalation vulnerability that allows for arbitrary file and directory creation.
576672403eb9b021c3d3d7f01650822ca7bdd66497b93e4ba6035db60fe0ad18VBScan is a black box vBulletin vulnerability scanner written in perl.
82d1a85ca23e4a607f1875780b16ef08ee794d837cbbe3857ca74bebd9654100
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed