RSS   Vulnerabilities for 'Webdrive'   RSS

2010-01-13
 
CVE-2009-4606

CWE-264
 

 
South River Technologies WebDrive 9.02 build 2232 installs the WebDrive Service without a security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.

 

 >>> Vendor: South river technologies 2 Products
Titan ftp server
Webdrive


Copyright 2024, cxsecurity.com

 

Back to Top