Nenad Vijatov » ESET http://blog.vijatov.com In a few words. Thu, 05 Aug 2010 23:14:55 +0000 en hourly 1 http://wordpress.org/?v=3.1.4 ESET Remote Administrator Script Insertion Vulnerability http://blog.vijatov.com/2009/02/05/eset-remote-administrator-script-insertion-vulnerability/ http://blog.vijatov.com/2009/02/05/eset-remote-administrator-script-insertion-vulnerability/#comments Thu, 05 Feb 2009 16:01:17 +0000 Nenad Vijatov http://blog.vijatov.com/?p=51 Me and Ivan Markovic found vulnerability in ESET’s NOD32 Remote Administrator Server. Vulnerability is reported in version 3.x  and potentially can be exploited to compromise a user’s system. For successful attack you need Administrator account at NOD32 RAS to create a malicious report. Administrators and Read-only users are both affected if open malicious report.

Secunia confirmed this vulnerability.

Here is CVE ID: 2009-0548.

]]> http://blog.vijatov.com/2009/02/05/eset-remote-administrator-script-insertion-vulnerability/feed/ 0