On Sunday, Kristian Erik Hermansen disclosed a zero-day vulnerability in FireEye’s core product which, if exploited, results in unauthorized file disclosure. As proof, he also posted a brief example of how to trigger the vulnerability and a copy of the /etc/passwd file. What’s more, he claims to have three other vulnerabilities, and says they’re for sale.
Based on the published information on Exploit-DB and Pastebin, the basic setup of the compromised appliance is exactly what you’d expect it to be; the box has Apache, pushing PHP, running as root.
The other listed services, including SSH and FTP, are also expected on a forward-facing Web appliance. However, the disclosed flaw looks to be centered in a PHP script on the FireEye appliance itself.
Read the Full Article: Source – CSO Online
Browsing Privacy: (cso online) – Researcher discloses zero-day vulnerability in FireEye