Summary
The host is installed with iBackup and is
prone to local privilege escalation vulnerability.
Impact
Successful exploitation will allow local
attacker to gain elevated privileges.
Impact Level: System/Application
Solution
No solution or patch is available as of
9th February, 2015. Information regarding this issue will be updated once the solution details are available. For updates refer to https://www.ibackup.com
Insight
Flaw exists as the program uses insecure
permissions which can allow anyone to replace the ib_service.exe with an executable of their choice that is loaded on system or service restart.
Affected
iBackup version 10.0.0.32 and prior on
Windows.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-5507 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Flash Media Server Multiple Remote Security Vulnerabilities