790 matches found
Comodo, CAs Issue Forbidden Certificates
Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses. In 2012, the Certificate Authority/Browser Forum banned the use of such designations for certs issued after Nov. 1, 2015. The decision was meant to c...
New Campaign Shows Dridex Active, Targeting the French
Two weeks after authorities announced they had taken down the botnet behind the banking malware Dridex, new research suggests the threat is alive and well. Researchers with security company Invincea announced today that they’ve noticed 60 instances of attackers dropping Dridex on users in France,...
New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe
New variants of the notorious Carbanak Trojan have surfaced in Europe and the United States, and researchers say that the malware now has its own proprietary communications protocol and the samples seen so far have been digitally signed. Carbanak has been in use for several years, and researchers...
CVE-2014-7872
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...
Design/Logic Flaw
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...
CVE-2014-7872
CVE-2014-7872 affects Comodo GeekBuddy prior to 4.18.121, where the VNC server runs with lax access controls, allowing local privilege escalation by connecting to the VNC server (passwordless, background service). Some sources note a potential remote vector via CSRF-like attacks with a web-based ...
CVE-2014-7872
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server...
Comodo GeekBuddy Local Lift Vulnerability
Comodo GeekBuddy is an online computer support system. A local elevation of privilege vulnerability exists in Comodo GeekBuddy, which allows local attackers to exploit the vulnerability to elevate privileges...
Comodo GeekBuddy 4.18.121 - Local Privilege Escalation
Comodo GeekBuddy 4.18.121 - Local Privilege Escalation Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC...
Comodo GeekBuddy Local Privilege Escalation
Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can all...
Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation
Comodo GeekBuddy Local Privilege Escalation CVE-2014-7872 Jeremy Brown jbrown3264/gmail -Synopsis- Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can all...
Microsoft Warns Fraudulent Certificate Could Lead to MiTM Attacks
Microsoft has blacklisted a phony SSL certificate that’s been making the rounds and is in the process of warning the general public that the certificate could be leveraged to stage man-in-the-middle attacks. In a security advisory published yesterday the company stressed that an improper...
Comodo BackUp Detection (Windows SMB Login)
Detects the installed version of Comodo BackUp. The script logs in via smb, searches for Comodo Backup in the registry and gets the version from registry SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
COMODO BackUp Authentication Bypass Vulnerability - Windows
COMODO BackUp is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:comodo:backup";...
Adtrustmedia PrivDog fails to validate SSL certificates
Overview Adtrustmedia PrivDog fails to validate SSL certificates, making systems broadly vulnerable to HTTPS spoofing. Description Adtrustmedia PrivDog is a Windows application that advertises "... safer, faster and more private web browsing." Privdog installs a Man-in-the-Middle MITM proxy as we...
CVE-2014-9633
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference...
Null pointer dereference
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference...
CVE-2014-9633
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference...
CVE-2014-9633
CVE-2014-9633 affects COMODO Backup prior to version 4.4.1.23, where the bdisk.sys driver (Windows) can be exploited via a crafted device handle to trigger a NULL pointer dereference and obtain privilege escalation. The vulnerability is tied to the bdisk.sys component within COMODO Backup and is ...
Comodo Backup Null Pointer Reference Elevation of Privilege Vulnerability
Comodo Backup, is the United States Comodo Comodo company produced a free professional data backup tool. A null pointer reference elevation of privilege vulnerability exists in Comodo Backup, which allows remote attackers to obtain privileges by initiating a null pointer reference via a specially...