[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.

To: Fulldisclosure <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.
From: Kyriakos Economou <kyrecon@xxxxxxxxxxxxxxxxxx>
Date: Wed, 04 Jul 2018 12:37:26 +0300

We have recently disclosed a list of vulnerabilities to Sophos thatallow local attackers to elevate their privileges and execute code inthe security context of the SYSTEM user account.


Affected Products:
SafeGuard Enterprise 8.00.4 and earlier (Fix: install 8.00.5)
SafeGuard Easy 7.00.2.35 and earlier (Fix: install 7.00.3)
SafeGuard LAN Crypt 3.95.1.13 and earlier (Fix: install 3.95.2)

For more information regarding these issues please visit:https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/


Cheers,
kyREcon

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] SEC Consult SA-20180704-2 :: Privilege escalation via linux group manipulation in all ADB Broadband Gateways / Routers
Next by Date: [FD] c0c0n XI | The cy0ps c0n - Call For Papers & Call For Workshops extended till July 15th
Previous by thread: [FD] SEC Consult SA-20180704-2 :: Privilege escalation via linux group manipulation in all ADB Broadband Gateways / Routers
Next by thread: [FD] c0c0n XI | The cy0ps c0n - Call For Papers & Call For Workshops extended till July 15th
Index(es):
- Date
- Thread