FireEye - Malware Input Processor (uid=mip) Privilege Escalation

Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=670 The mip user is already quite privileged, capable of accessing sensitive network data. However, as the child process has supplementary gid contents, there is a very simple...

FireEye - Malware Input Processor Privilege Escalation

FireEye - Malware Input Processor Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=670 The mip user is already quite privileged, capable of accessing sensitive network data. However, as the child process has supplementary gid contents, there is a very simple...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

FireEye - Wormable Remote Code Execution in MIP JAR Analysis Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designe...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

Exploit for java platform in category remote exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designed to...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designed to operate as a passive network tap, so that it can see all...