Full Disclosure mailing list archives

Re: AVG 8.0.173 flaw

From: "James Matthews" <nytrokiss () gmail com>
Date: Wed, 5 Nov 2008 22:12:45 +0200

For all people that use the free AVG "you get what you paid for" for all
else........

On Wed, Nov 5, 2008 at 6:05 PM, Erik Harrison <eharrison () gmail com> wrote:

leveraging the same access credentials and attack vector, an attacker
could shut down the affected system without authorization.

oh shit. time to patch!

On Wed, Nov 5, 2008 at 10:49 AM, alessandro telami
<admin () cyber-threats com> wrote:

What sort of vulnerability would this be???

Date: Wed, 5 Nov 2008 08:52:28 +0000
From: tribalmp () gmail com
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] AVG 8.0.173 flaw

AVG 8.0.173 flaw
Nov 5, 2008

-- Affected Vendors:
AVG Technologies

-- Affected Products:
AVG 8.0.173

-- Vulnerability Details:
There is a flaw in AVG 8.0 that alow a user to shutdown the AVG
Resident Shield Service via Task Manager temporarily and execute a
malicious file while the AVG Resident Shield Service is restarting.

Note: The AVG Resident Shield Service can be crashed, until next boot.

-- Dificulty Level:
low

-- Vendor Response:
None

-- Disclosure Timeline:
2008-11-05 - Disclosure

-- About:
Fabio Pinheiro at http://dicas3000.blogspot.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________
Get the best wallpapers on the Web - FREE. Click here!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
http://www.goldwatches.com/

http://www.jewelerslounge.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

AVG 8.0.173 flaw Tribal MP (Nov 05)
- Re: AVG 8.0.173 flaw alessandro telami (Nov 05)
  - Re: AVG 8.0.173 flaw Erik Harrison (Nov 05)
    - Re: AVG 8.0.173 flaw James Matthews (Nov 05)
- <Possible follow-ups>
- AVG 8.0.173 flaw Tribal MP (Nov 06)
  - Re: AVG 8.0.173 flaw alessandro telami (Nov 06)