lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 04 Jul 2018 12:37:26 +0300
From: Kyriakos Economou <kyrecon@...i-reversing.com>
To: Fulldisclosure <fulldisclosure@...lists.org>
Subject: [FD] Sophos Safeguard Products - Multiple Privilege Escalation
 Vulnerabilities.

We have recently disclosed a list of vulnerabilities to Sophos that 
allow local attackers to elevate their privileges and execute code in 
the security context of the SYSTEM user account.

Affected Products:
SafeGuard Enterprise 8.00.4 and earlier (Fix: install 8.00.5)
SafeGuard Easy 7.00.2.35 and earlier (Fix: install 7.00.3)
SafeGuard LAN Crypt 3.95.1.13 and earlier (Fix: install 3.95.2)

For more information regarding these issues please visit: 
https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/

Cheers,
kyREcon

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ