20 matches found
CVE-2020-26292
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
PCProtect Endpoint 5.17.470 Tampering / Privilege Escalation
Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source: https://mrvar0x.com/2022/07/21/pcprotect-endpoint-tampering-exploit/ Vendor: www.pcprotect.com Product: PCProtect Endpoint Protection v5.17.470 PCProtect is a malware detection and antivirus...
PCProtect Endpoint 5.17.470 Tampering / Privilege Escalation Vulnerability
PCProtect Endpoint version 5.17.470 fails to provide sufficient anti-tampering protection that can be leveraged to achieve SYSTEM privileges. + Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source: https://mrvar0x.com/2022/07/21/pcprotect-endpoint-tampering-exploit/ Vendor:...
CVE-2020-26292
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
CVE-2020-26292
CVE-2020-26292 concerns Creeper, an experimental dynamic language. The vulnerability is limited to the binary release of Creeper Interpreter 1.1.3, not the source code. The compromised binary was briefly available on Dec 26, 2020 (about 3:22 PM–11:00 PM EST) and has since been removed. If you dow...
CVE-2020-26292 Potential Malware Discovered (Possible False Positive)
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
PT-2020-6791 · Fortinet · Fortios +1
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS affected versions not specified Fortinet FortiClient for Mac affected versions not specified Description: The issue is related to a flaw in the Fortinet antivirus scanner, affecting FortiOS and FortiClient for Mac, which occu...
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...
USN-3722-5 clamav regression
USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ClamAV incorrectly handled parsing certain...
Pydio Remote Code Execution Vulnerability
Pydio formerly known as AjaXplorer is a web-based remote file manager. The manager supports uploading and downloading files, online file editing, image previewing and more. Pydio 8.2.1 and earlier versions have a security vulnerability in the 'scanNow$nodeObject' parameter of the...
Remote code execution
Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow$nodeObject that can result in An attacker gaining admin access and can then execute arbitrary commands on the...
SUSE-SU-2015:0298-1 Recommended update for clamav
The antivirus scanner ClamAV has been updated to version 0.98.3, which includes the following fixes and enhancements: Support for common raw disk image formats using 512 byte sectors, specifically GPT, APM, and MBR partitioning. All ClamAV sockets clamd, freshclam, clamav-milter, clamdscan,...
SUSE-SU-2015:0871-1 Recommended update for clamav
The antivirus scanner ClamAV has been updated to version 0.98.3, which includes the following fixes and enhancements: Support for common raw disk image formats using 512 byte sectors, specifically GPT, APM, and MBR partitioning. All ClamAV sockets clamd, freshclam, clamav-milter, clamdscan,...
Microsoft's Process Explorer added VirusTotal Multi-Antivirus Scanner support
Process Explorer, a part of Microsoft’s Sysinternals suite of applications, is an alternative task manager for Windows that offers far more features than the 'on-board' one. Microsoft’s Windows Sysinternals Suite has released the latest version of Process Explorer v16.0 that has an awesome feature whic...
ClamAV < 0.94 Multiple Vulnerabilities
According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. Bug 1052 - Invalid memory access errors in 'libclamav/chmunpack.c...
ClamAV < 0.94.1 get_unicode_name() Function Off-by-One Buffer Overflow (deprecated)
Binary data 4744.prm...
SMTP antivirus scanner DoS
This script sends the 42.zip recursive archive to the mail server. If there is an antivirus filter, it may start eating huge amounts of CPU or memory. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respecti...
SMTP too long line
Some antivirus scanners die when they process an email containing an overly long string without line breaks. Such a message was sent. If there is an antivirus on your MTA, it might have crashed. Please check its status right now, as it is not possible to do it remotely. SPDX-FileCopyrightText: 2003 Michel...
Security update 1970-01-01
...