3APA3A has discovered a security issue in Panda Platinum Internet Security, which can be exploited by malicious, local users to gain escalated privileges.
The problem is caused due to the application setting insecure default permissions (grants "Everyone" group "Full Control") on the "Panda Platinum 2006 Internet Security" / "Panda Platinum 2007 Internet Security" directory and all child objects. This can be exploited to remove, manipulate, and replace any of the application's files.
Successful exploitation allows execution of arbitrary code with SYSTEM privileges.
It has also been reported that the spam filtering can be managed via the web interface listening on localhost on port 6083/tcp.
The security issue has been confirmed in Panda Platinum 2007 Internet Security 11.00.00 and has also been reported in Panda Platinum 2006 Internet Security 10.02.01. Other versions may also be affected.
Solution: Update to the latest signatures and ensure that TruPrevent(tm) is enabled (default setting).
Provided and/or discovered by: 3APA3A
Original Advisory: http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049286.html
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Panda Platinum Internet Security Insecure Default Directory Permissions
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.