Buffer overflow

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80202298. By crafting an input buffer we can control the execution path to the point where the nt!memset function is called to ze...

CVE-2018-6853

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a...

Buffer overflow

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206024. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a...

CVE-2018-6856

CVE-2018-6856 affects Sophos SafeGuard Enterprise prior to 8.00.5, SafeGuard Easy prior to 7.00.3, and SafeGuard LAN Crypt prior to 3.95.2. The issue is a Local Privilege Escalation via IOCTL 0x8020601C where crafting an input buffer allows controlling the execution path to write a global variabl...

CVE-2018-6852

Vulnerability: Local Privilege Escalation in Sophos SafeGuard Enterprise (pre-8.00.5), SafeGuard Easy (pre-7.00.3), and SafeGuard LAN Crypt (pre-3.95.2). Root cause: crafted input buffer via IOCTL 0x80202298 allows control of execution to the nt!memset call, enabling zeroing of a user‑controlled ...

CVE-2018-6851

CVE-2018-6851 (and related CVEs 2018-6852/6853/6857) describe local privilege escalation in Sophos SafeGuard products. Affected components include Sophos SafeGuard Enterprise (before 8.00.5), SafeGuard Easy (before 7.00.3), and SafeGuard LAN Crypt (before 3.95.2). The root cause involves crafting...

CVE-2018-6853

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are affected by a Local Privilege Escalation via IOCTL 0x80206024. By crafting an input buffer, an attacker can steer execution to a path where a global variable is written to a user-con...

CVE-2018-6857

CVE-2018-6857 affects Sophos SafeGuard Enterprise <8.00.5, SafeGuard Easy <7.00.3, and SafeGuard LAN Crypt

CVE-2018-6855

CVE-2018-6855 and related entries describe Local Privilege Escalation in Sophos SafeGuard products (SafeGuard Enterprise < 8.00.5, SafeGuard Easy < 7.00.3, SafeGuard LAN Crypt

Sophos SafeGuard Privilege Escalation Vulnerability - Windows

Sophos SafeGuard Client Products are prone to privilege escalation vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...