Zero Day in FireEye Antivirus
Tuesday, September 8, 2015 @ 04:09 PM gHale
There is a Zero Day vulnerability in FireEye’s antivirus, along with three other vulnerabilities, a researcher said.
The Zero Day vulnerability provides “unauthorized remote root file system access” to affected FireEye applications, according to an Exploit Database blog post from Kristian Erik Hermansen, a security researcher based in Los Angeles.
“Just one of many handfuls of FireEye / Mandiant 0day. Been sitting on this for more than 18 months with no fix from those security ‘experts’ at FireEye. Pretty sure Mandiant staff coded this and other bugs into the products. Even more sad, FireEye has no external security researcher reporting process.
“FireEye appliance, unauthorized remote root file system access. Oh cool, web server runs as root! Now that’s excellent security …,” Hermansen said.
The flaw is in a PHP script which runs on a Web-facing Apache server. The vulnerability can be triggered remotely and, when used, gives attackers access to local files.
The other vulnerabilities are basic command injections and login bypass bugs. No further details were posted about them.