Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

User Credentials Leakage in Panda Cloud Office Protection
From: Buherátor <buherator () gmail com>
Date: Wed, 19 Jun 2013 15:54:40 +0200

Dear List,

More than a year ago I identified a pretty serious bug in the deployment
system of Panda Cloud Office Protection. The bug seems to be fixed since
version 6 (I didn't assess the new implementation thoroughly), but I am
unaware of any official notices about it from the vendor although
management passwords may still be recovered from leftover installers, so I
think it worth to publish the info here:

http://vimeo.com/66384124

Buherátor
http://buhera.blog.hu
PGP: 1DD5 6AFB 0660 4106 7B70  4F71 B84C 47BD 86EA 1855
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • User Credentials Leakage in Panda Cloud Office Protection Buherátor (Jun 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault