26 matches found
CVE-2021-4467
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
CVE-2021-4467
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
CVE-2021-4467
CVE-2021-4467 affects Positive Technologies MaxPatrol 8 and XSpider, where the client communication service listening on TCP port 2002 accepts new session IDs per connection without adequately throttling concurrent requests. An unauthenticated attacker could issue repeated HTTPS requests to cause...
CVE-2021-4467 Positive Technologies MaxPatrol 8 & XSpider Remote DoS
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
EUVD-2021-34719
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
CVE-2021-4467 Positive Technologies MaxPatrol 8 & XSpider Remote DoS
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
PT-2025-47018
Name of the Vulnerable Software and Affected Versions Positive Technologies MaxPatrol 8 affected versions not specified Positive Technologies XSpider affected versions not specified Description The client communication service, listening on TCP port 2002, is susceptible to a remote...
Positive MaxPatrol 8和Positive XSpider 安全漏洞
Positive MaxPatrol 8 and Positive XSpider are both products of the Russian company Positive.Positive MaxPatrol 8 is a vulnerability management platform.Positive XSpider is a network vulnerability scanner. A security vulnerability exists in Positive MaxPatrol 8 and Positive XSpider that stems from...
The vulnerability of the PT MC components of the security control systems—PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon, and PT MaxPatrol O2—allows attackers to enhance their privileges.
The vulnerability of the PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon, and PT MaxPatrol O2 security control components is related to improper authentication. Exploiting this vulnerability can allow attackers, operating remotely, to gain increased privileges...
PT-2024-41: Bypass authentication in PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon и PT MaxPatrol O2
The vulnerability was identified in PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon и PT MaxPatrol O2 that affects versions that include component PT MC version earlier than 101.4.8813 and component MPX version earlier than 27.2.14850. The discovered vulnerability allows...
Malicious code in maxpatrol (PyPI)
The package contains code to download and execute a reverse shell script. --- -= Per source details. Do not edit below this line.=- Source: kam193 e7b0664f3eb50be717290db2d08e1be4a3dcbce029ad58fae9cffb04f09a51c1 When imported, the package download and runs a remote stage - a reverse shell. To mas...
MAL-2024-9268 Malicious code in maxpatrol (PyPI)
The package contains code to download and execute a reverse shell script. --- -= Per source details. Do not edit below this line.=- Source: kam193 e7b0664f3eb50be717290db2d08e1be4a3dcbce029ad58fae9cffb04f09a51c1 When imported, the package download and runs a remote stage - a reverse shell. To mas...
The vulnerability of the MaxPatrol security control system, related to errors in processing connection requests, allows for disconnecting client connections from the management server.
The vulnerability of the MaxPatrol security control system is related to errors in processing connection requests. Exploiting this vulnerability can allow a malicious actor to interrupt the connection between clients and the management server, without compromising the functionality of the...
Maxpatrol 8 / Xspider Denial Of Service Vulnerability
Positive Technologies Maxpatrol 8 and Xspider appears to suffer from a denial of service vulnerability. Exploit Title: Positive Technologies Maxpatrol 8 & Xspider Remote DoS Force clients disconect Exploit Author: AsCiI Vendor Homepage: https://www.ptsecurity.com/ Affected Positive Technologies...
Maxpatrol 8 / Xspider Denial Of Service
Exploit Title: Positive Technologies Maxpatrol 8 & Xspider Remote DoS Force clients disconect Date: 2020-08-20 Exploit Author: AsCiI Vendor Homepage: https://www.ptsecurity.com/ Affected Positive Technologies Maxpatrol 8 & Xspider Scanners Vulnerability reported in 09.2020. No reply from vendor...
MaxPatrol VM: An Ambitious Vision for Vulnerability Management Transformation
In this episode, I would like to share my thoughts about the new Vulnerability Management product by Positive Technologies - MaxPatrol VM. It was presented on November 16th, at the Standoff365 online conference full video in Russian. The presentation and concept of the product were very good. I...
Vulnerability Management for Network Perimeter
Network Perimeter is like a door to your organization. It is accessible to everyone and vulnerability exploitation does not require any human interactions, unlike, for example, phishing attacks. Potential attacker can automate most of his actions searching for an easy target. It's important not t...
MaxPatrol 8 installation process
Today I have a great opportunity to write about MaxPatrol 8. For me it is a very nostalgic experience. I worked for many year in Positive Technologies developing this product. And now I can write about it from the customer side. MaxPatrol is still not very well known outside Russia and CIS,...
[Positive Technologies Research] Open Source WebEngine and Web Crawler v.0.2 is out!
============================================================== ============= Positive Technologies Research Lab ============= ============================================================== Open Source WebEngine and Web Crawler Beta ============================================================== --...
Living CMS Cross-Site Scripting vulnerability
---------------------------------------------------------------------- PT-2009-15 Positive Technologies Security Advisory Living CMS Cross-Site Scripting vulnerability ---------------------------------------------------------------------- --- Affected Software Living CMS Versions prior to 1.5...