Re: Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)

["Panda Security Response" <secure () pandasecurity com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original message-----
> From: 3APA3A [mailto:3APA3A () SECURITY NNOV RU] 
>
>  secure () pandasoftware com was contacted about this same 
> vulnerability in  Panda  Antivirus  2007  on August, 11 2006 
> (more than year ago) without  any results and response, until 
> information was published in Bugtraq.

The vulnerability response team was created in 10/2006 to manage
vulnerability reports and create fixes as necessary. 


>  As  far,  as  I  can  see, pandasecurity.com is Swedish 
> domain of Panda  while  pandasoftware.com  is  international  
> one.  I believe it's quite  reasonable   to   have 
> secure () pandasoftware com  to  be   forwarded  to
> secure () pandasecurity com, don't you think so?

Re: secure () pandasoftware com & secure () pandasecurity com, it's the
same contact mailbox at the Panda HQ domain in Spain (.es), not
Sweden (.se). Public key attached.

Regards,

- ----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security

email: pedro.bustamante () pandasecurity com <0xC684A6F9>
vulns: secure () pandasecurity com <0x70F3FEA0>
phone: (+34) 91-8063700
blog:  http://research.pandasoftware.com 
- ----------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRvdrw46s6aZw8/6gEQJ+bACfWyLJHFMarDWRU1h/sbD7xttIUmkAoO2W
lMvAKwSZDMPuCx7yCnEFnQ+y
=wLME
-----END PGP SIGNATURE-----

Attachment: Panda Security Response.asc
Description: Panda Security Response.asc

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/