Anti-virus For Linux Server Security Vulnerabilities and Issues — Anti-virus For Linux Server CVE List

Lucene search

KasperskyAnti-virus For Linux Server

4 matches found

CVE•added 2017/07/17 9:29 p.m.•93 views

CVE-2017-9812

The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.

7.5CVSS8.4AI score0.2717EPSS

CVE•added 2017/07/17 9:29 p.m.•66 views

CVE-2017-9811

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.

10CVSS9.2AI score0.24673EPSS

CVE•added 2017/07/17 9:29 p.m.•61 views

CVE-2017-9810

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

8.8CVSS8.9AI score0.01078EPSS

CVE•added 2017/07/17 9:29 p.m.•57 views

CVE-2017-9813

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

6.1CVSS7.3AI score0.02941EPSS