Computer Security
[EN] securityvulns.ru no-pyccku


Restorepoint security vulnerabilities
Published:19.12.2011
Source:
SecurityVulns ID:12103
Type:remote
Threat Level:
6/10
Description:Code execution, privileg escalation.
Affected:RESTOREPOINT : Restorepoint 3.2
CVE:CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions (www write access) for unspecified scripts, which allows local users to gain privileges by modifying a script file.)
 CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_remote_support action.)
Original documentdocumentTavaris Desamito, [MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202 (19.12.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod