The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaspersky anti-virus for linux server |
Also, update your Kaspersky Anti-Virus File Server – before you get hacked
Several employees of Russian security vendor Kaspersky Lab got an unpleasant surprise on Tuesday night when FBI agents popped round to their residences for a chat. Staff in the US were visited and agents reportedly told them that they weren't under criminal investigation, but that the Feds would just like some information about how the company operates and shares information with its home office in Russia. "As a private company, Kaspersky Lab has no ties to any government, and the company has ne...