Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.

[Kyriakos Economou <kyrecon () anti-reversing com>]

We have recently disclosed a list of vulnerabilities to Sophos that 
allow local attackers to elevate their privileges and execute code in 
the security context of the SYSTEM user account.

Affected Products:
SafeGuard Enterprise 8.00.4 and earlier (Fix: install 8.00.5)
SafeGuard Easy 7.00.2.35 and earlier (Fix: install 7.00.3)
SafeGuard LAN Crypt 3.95.1.13 and earlier (Fix: install 3.95.2)

For more information regarding these issues please visit: 
https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/

Cheers,
kyREcon

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/