Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

ESET anti-virus software has a buffer overflow vulnerability

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 28, 2017

A new security vulnerability has been discovered in ESET's antivirus software.

The esets_daemon uses an outdated version of POCO's XML parser library that is vulnerable to a buffer overflow bug (CVE-2016-0718).

That library handles license activation requirements with a request to https://edf.eset.com/edf. Whatever data is sent back from that server can exploit the XML parser bug to potentially gain arbitrary code execution as root, the user assumed by ESET's antivirus.

A man-in-the-middle attack is possible because the daemon doesn't check ESET's licensing server certificate, allowing a malicious machine masquerading as the ESET licensing server to give the client a self-signed HTTPS cert.

Now the attacker controls the connection, they can send malformed content to to the desktop to hijack the XML parser and execute code as root. And Macs are greatly vulnerable to these kind of potential attacks.

When the ESET Endpoint Antivirus tries to activate its license, esets_daemon sends a request to https://edf.eset.com/edf. That's when the troubles begin.

Today, ESET has asserted that it fixed the issue in version 6.4.168.0. Make sure you're patched up to date to avoid any potential security issues.

Source: ESET.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer