Multiple major vulnerabilities found in Kaspersky Anti-Virus for Linux servers; download the patch here
People expect anti-virus software to protect them and their data from malware and hackers, but sometimes even these products have vulnerabilities of their own. Leandro Barragan and Maximiliano Vidal, two researchers from network security company Core Security, have found a number of exploitable vulnerabilities in the Web Management Console of Kaspersky Anti-Virus for Linux servers.
These vulnerabilities allow hackers to attack the server remotely, gain root privileges and access the system. Hackers can use the Cross-Site Request Forgery technique (CSRF, a type of attack that borrows an authenticated user's authority without permission, so that the hacker can perform operations that require authentication) to exploit the vulnerabilities found in Kaspersky Anti-Virus for Linux servers.
Core Security said that this antivirus program has no anti-CSRF protection of any kind. This allows an attacker to obtain low-level privileges, which can then be escalated to root privileges.
Note: On Linux and other UNIX operating systems, the root user is equivalent to the Administrator user on Windows. The root user has access to the entire file system of the operating system and can do whatever it wants.
Other vulnerabilities were also found: cross-site scripting (a vulnerability that appears primarily in web apps and allows hackers to insert malicious code into the app, endangering its users) and path traversal (an HTTP vulnerability that allows hackers to access restricted directories and execute commands outside the web server's root directory).
Barragan and Vidal found these flaws in April and quickly contacted Kaspersky Lab. The company has since confirmed all reported vulnerabilities and is working in conjunction with Core Security to fix the issues. Patch 13738, which includes a fix, was released on June 29 and can also be obtained from the Kaspersky website.
Download patch 13738 at: http://support.kaspersky.com/13738