Vulnerabilities > CVE-2018-6322 - Unspecified vulnerability in Pandasecurity Panda Global Protection 17.0.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/146708/TSI-ADV172018.txt |
id | PACKETSTORM:146708 |
last seen | 2018-03-23 |
published | 2018-03-08 |
reporter | Felipe Xavier Oliveira |
source | https://packetstormsecurity.com/files/146708/Panda-Global-Security-17.0.1-NULL-DACL-Grants-Full-Access.html |
title | Panda Global Security 17.0.1 NULL DACL Grants Full Access |