This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by a
directory traversal vulnerability.
The Panda AdminSecure Communications Agent software, which is used for
centralized management of Panda Antivirus, installed on the remote
Windows host contains a flaw in the handling of MESSAGE_FROM_REMOTE
messages. The software does not properly sanitize inputs, allowing an
attacker to craft a special message that allows traversing outside of a
restricted path. This may allow a remote attacker to overwrite
arbitrary files and execute remote code with SYSTEM privileges.
See also :
Upgrade to Panda AdminSecure hotfix 4_50_00_0032 or later and update
all connected agents.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : false
Nessus Plugin ID: 70683 ()
Bugtraq ID: 63195
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.