Re: AVG 8.0.173 flaw

["Erik Harrison" <eharrison () gmail com>]

leveraging the same access credentials and attack vector, an attacker
could shut down the affected system without authorization.

oh shit. time to patch!

On Wed, Nov 5, 2008 at 10:49 AM, alessandro telami
<admin () cyber-threats com> wrote:
> What sort of vulnerability would this be???
>
> > Date: Wed, 5 Nov 2008 08:52:28 +0000
> > From: tribalmp () gmail com
> > To: full-disclosure () lists grok org uk
> > Subject: [Full-disclosure] AVG 8.0.173 flaw
> >
> > AVG 8.0.173 flaw
> > Nov 5, 2008
> >
> > -- Affected Vendors:
> > AVG Technologies
> >
> > -- Affected Products:
> > AVG 8.0.173
> >
> > -- Vulnerability Details:
> > There is a flaw in AVG 8.0 that alow a user to shutdown the AVG
> > Resident Shield Service via Task Manager temporarily and execute a
> > malicious file while the AVG Resident Shield Service is restarting.
> >
> > Note: The AVG Resident Shield Service can be crashed, until next boot.
> >
> > -- Dificulty Level:
> > low
> >
> > -- Vendor Response:
> > None
> >
> > -- Disclosure Timeline:
> > 2008-11-05 - Disclosure
> >
> > -- About:
> > Fabio Pinheiro at http://dicas3000.blogspot.com
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> ________________________________
> Get the best wallpapers on the Web - FREE. Click here!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/