28 matches found
EUVD-2021-12175
Malware in sbrugna...
EUVD-2018-16649
Malware in sbrugna...
EUVD-2018-20827
Malware in sbrugna...
CVE-2021-25264
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges...
CVE-2010-5177
Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...
Citrix Virtual Apps and Desktops 2407 : Sophos Endpoint Agent gets loaded into ICA user session
Published app sessions are getting loaded with Sophos Endpoint Agent. This is seen under Workspace app Connection Center. Sophos Endpoint agent is getting loaded into all the Citrix ICA sessions. Citrix Workspace app Connection Center shows the "Sophos Endpoint Agent - Notification Icon". Sophos...
CVE-2021-25264
In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges...
Sophos Endpoint Protection Code Injection Vulnerability
Sophos Endpoint Protection is a network appliance from Sophos UK. It provides the function of blocking X endpoints. Sophos Endpoint Protection has a security vulnerability that can be exploited by an attacker who can bypass the restrictions of Sophos Endpoint Protection in order to escalate his...
April 25, 2019—KB4493460 (Preview of Monthly Rollup)
April 25, 2019—KB4493460 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493471 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...
April 9, 2019—KB4493458 (Security-only update)
April 9, 2019—KB4493458 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears. Addresses an issue that may cause...
April 9, 2019—KB4493450 (Security-only update)
April 9, 2019—KB4493450 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations. Addresses an issue that...
April 9, 2019—KB4493471 (Monthly Rollup)
April 9, 2019—KB4493471 Monthly Rollup Customers who have applied KB 4489887 or later Monthly Rollup Packages to Microsoft Server 2008 SP2 may notice a change to the operating system version string. The “build number” component of the version string increases by 1, and the revision number decreas...
April 9, 2019—KB4493448 (Security-only update)
April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...
Sophos Endpoint Protection Plaintext Password Disclosure Vulnerability
Sophos Endpoint Protection helps protect your workstation by adding prevention, detection and response technologies to your operating system. A plaintext password disclosure vulnerability exists in Sophos Endpoint Protection 10.7. The vulnerability arises because Sophos Endpoint Protection uses...
Sophos Endpoint Protection Anti-tamper Protection Mechanism Bypass Vulnerability
Sophos Endpoint Protection helps protect your workstation by adding prevention, detection and response technologies to your operating system. A tamper protection mechanism bypass vulnerability exists in Sophos Endpoint Protection 10.7. A local user can exploit this vulnerability to bypass the...
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition...
Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt + ISR: Apparition Security Vendor: ============= www.sophos.com Product: =========== Sophos...
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition Security Vendor: ========== www.sophos.com Product: =========== Sophos...
CVE-2018-4863
Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key...
Default credentials
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other...