Computer Security
[EN] securityvulns.ru no-pyccku


RackSpace Windows Agent update spoofing
Published:26.11.2013
Source:
SecurityVulns ID:13425
Type:m-i-t-m
Threat Level:
5/10
Description:Binaries digital signature is not checked.
Affected:RACKSPACE : Rackspace Windows Agent 1.2
CVE:CVE-2013-6795 (The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary.)
Original documentdocumentandrew_(at)_cloudpassage.com, CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater (26.11.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod