Computer Security

Restorepoint security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Restorepoint security vulnerabilities
Published:19.12.2011
Source:BUGTRAQ
SecurityVulns ID:12103
Type:remote
Level:6/10
Description:Code execution, privileg escalation.
Affected:RESTOREPOINT : Restorepoint 3.2
CVE:CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions (www write access) for unspecified scripts, which allows local users to gain privileges by modifying a script file.)
 CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_remote_support action.)
Original documentdocumentTavaris Desamito, [MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202 (19.12.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru