Panda AdminSecure Communications Agent < 4.50.0.10 Directory Traversal

The Panda AdminSecure Communications Agent software, which is used for centralized management of Panda Antivirus, installed on the remote Windows host contains a flaw in the handling of MESSAGEFROMREMOTE messages. The software does not properly sanitize inputs, allowing an attacker to craft a...

Panda AdminSecure代理远程整数溢出漏洞

BUGTRAQ ID: 25046 CVECAN ID: CVE-2007-3026 Panda AdminSecure是熊猫软件公司的企业级安全解决方案。 AdminSecure在处理畸形请求数据时存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 AdminSecure代理默认绑定在TCP 19226或19227端口。当处理监听端口上通讯的时候，代理错误地信任了用户提供的长度值进行内存分配，特定的值可能会触发整数溢出，最终导致堆溢出，成功攻击可以在用户系统上执行任意指令。 Panda AdminSecure 2006 Panda -----...

Panda AdminSecure Communications Agent < 4.2 Packet Handling Remote Heap Overflow

The Panda AdminSecure Communications Agent software, which is used for centralized management of Panda Antivirus, is installed on the remote Windows host. The version of Communications Agent on the remote host trusts a user-supplied length value for a memory allocation when processing traffic to...

CVE-2007-3026

Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via crafted packets with modified length values to TCP ports 19226 or 19227, resulting in a heap-based buffer overflow...

Integer overflow

Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via crafted packets with modified length values to TCP ports 19226 or 19227, resulting in a heap-based buffer overflow...

CVE-2007-3026

CVE-2007-3026 refers to a remote, unauthenticated heap-based buffer overflow in Panda AdminSecure (AdminSecure agent) that occurs when processing traffic on TCP ports 19226 or 19227. The flaw results from trusting a user-supplied length value for memory allocation, which can cause an integer over...

ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability

ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-041.html July 24, 2007 -- CVE ID: CVE-2007-3026 -- Affected Vendor: Panda Software -- Affected Products: Panda AdminSecure 2006 -- TippingPointTM IPS Customer Protection:...

Panda AdminSecure agent buffer overflow

Heap buffer overflow on parsing TCP/19226 and TCP/19227 network traffic...

Panda AdminSecure Communications Agent Detection

The remote service is a Communications Agent, which manages communications between Panda AdminSecure and client computers for centralized management of Panda antivirus software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if...

Panda Software AdminSecure Agent Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Panda AdminSecure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AdminSecure agent which binds by default to TCP port 19226 or 19227. When processi...