
Researcher discloses zero-day vulnerability in FireEye

Discussion in 'CSO' started by RSS, Sep 7, 2015.

  1. RSS


    On Sunday, Kristian Erik Hermansen disclosed a zero-day vulnerability in FireEye's core product, which, if exploited, results in unauthorized file disclosure. As proof, he also posted a brief example of how to trigger the vulnerability and a copy of the /etc/passwd file. What's more, he claims to have three other vulnerabilities, and says they're for sale.

    Based on the published information on Exploit-DB and Pastebin, the basic setup of the compromised appliance is exactly what you'd expect it to be; the box has Apache, pushing PHP, running as root.

    The other listed services are also expected on a forward-facing Web appliance, including SSH and FTP. However, the disclosed flaw looks to be centered in a PHP script on the FireEye appliance itself.

