Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Windows >> PGP Desktop PGPserv Arbitrary Code Execution Vulnerability


Vulnerability Assessment Details

PGP Desktop PGPserv Arbitrary Code Execution Vulnerability

Vulnerability Assessment Summary
Checks version of PGP Desktop

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote Windows host has an application that is affected by a
privilege escalation issue.

Description :

The version of PGP Desktop installed on the remote host reportedly can
permit a remote authenticated user to execute arbitrary code on the
affected host with LOCAL SYSTEM rights. The issue arises because
the software operates a service named 'PGPServ' or 'PGPsdkServ' that
exposes a named pipe that fails to validate the object data passed to
it.

See also :

http://www.nessus.org/u?eaff6760
http://www.securityfocus.com/archive/1/458137/30/0/threaded

Solution :

Upgrade to PGP Desktop version 9.5.2 or later, as the change log suggests
the issue has been addressed in that version.

Network Security Threat Level:

Medium / CVSS Base Score : 4.8
(AV:R/AC:H/Au:R/C:C/I:C/A:C/B:N)

Networks Security ID: 22247

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors


Juniper EX4300-48T-AFO 48P 1GbE 2 PSU Switch picture

Juniper EX4300-48T-AFO 48P 1GbE 2 PSU Switch

$279.00



Juniper (EX2200-C-12T-2G) 12 Port Managed Compact Switch  picture

Juniper (EX2200-C-12T-2G) 12 Port Managed Compact Switch 

$75.00



Juniper Networks EX3400 48-Port 4-SFP PoE+ Running Junos P/N: EX3400-48P Tested picture

Juniper Networks EX3400 48-Port 4-SFP PoE+ Running Junos P/N: EX3400-48P Tested

$399.99



Juniper EX2200-24P-4G 24 Port PoE Gigabit Switch SAME DAY SHIP 1 YEAR WARRANTY picture

Juniper EX2200-24P-4G 24 Port PoE Gigabit Switch SAME DAY SHIP 1 YEAR WARRANTY

$39.99



Juniper (EX2200-C-12P-2G) 12 Port Managed Compact Switch picture

Juniper (EX2200-C-12P-2G) 12 Port Managed Compact Switch

$70.00



Juniper EX3300-24P Juniper 24 Port Gigabit PoE+ Switch - Same Day Shipping picture

Juniper EX3300-24P Juniper 24 Port Gigabit PoE+ Switch - Same Day Shipping

$103.00



Juniper EX4300-48T 48 Port Gigabit 4 QSFP 40G Dual Power Supply Network Switch picture

Juniper EX4300-48T 48 Port Gigabit 4 QSFP 40G Dual Power Supply Network Switch

$179.00



Juniper EX3400-48P 48-Ports 1GB PoE+ & 4-Ports SFP+ & 2-Ports QSFP+ & 1AC Switch picture

Juniper EX3400-48P 48-Ports 1GB PoE+ & 4-Ports SFP+ & 2-Ports QSFP+ & 1AC Switch

$299.95



JUNIPER EX4550-32F-AFO 32-PORT 1/10GbE SFP+ ETHERNET SWITCH Tested/Reset picture

JUNIPER EX4550-32F-AFO 32-PORT 1/10GbE SFP+ ETHERNET SWITCH Tested/Reset

$749.99



Juniper EX4300-48T 48-Ports Ethernet Switch w/Dual Power picture

Juniper EX4300-48T 48-Ports Ethernet Switch w/Dual Power

$269.00



Discussions

No Discussions have been posted on this vulnerability.