TITLE:
Panda ActiveScan Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA21763
VERIFY ADVISORY:
http://secunia.c
om/advisories/21763/
CRITICAL:
Highly critical
IMPACT:
Exposure of system information, DoS, System access
WHERE:
From remote
SOFTWARE:
Panda ActiveScan 5.x
http://secunia.com/p
roduct/3341/
DESCRIPTION:
Secunia Research has discovered two vulnerabilities and a
weakness in
Panda ActiveScan, which can be exploited by malicious people
to
disclose system information, cause a DoS (Denial of
Service),
and
compromise a user's system.
1) The "Reinicializar()" method in the
"ActiveScan.1" ActiveX
control
allows rebooting the system when invoked. This can be
exploited
by
e.g. a malicious website to reboot a user's system without
any
user
confirmation.
2) The "ObtenerTamano()" method in the
"PAVPZ.SOS.1" ActiveX
control
returns the file size of a given local filename. This can be
exploited by e.g. a malicious website to determine the
presence
of
local files and the corresponding file sizes.
3) The "Analizar()" method in the
"ActiveScan.1" ActiveX
control is
not thread safe. This can be exploited by e.g. a malicious
website
via a race condition to corrupt memory and execute arbitrary
code.
The vulnerabilities are confirmed in version 5.53.00. Other
versions
may also be affected.
SOLUTION:
Update to version 5.54.01.
http://www.pandasoftware.com/products/ActiveScan.htm
ORIGINAL ADVISORY:
Secunia Research:
http://s
ecunia.com/secunia_research/2006-64/
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|