header-logo
Suggest Exploit
vendor:
Panda Security
by:
SecurityFocus
7.5
CVSS
HIGH
Bypass Restrictive Policies
255
CWE
Product Name: Panda Security
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 9x
2002

Panda Security Weakness

Panda Security is a user management application for Windows 9x. With it, certain functions can be prohibited for specific users. One of the restrictive policies possible is to disable registry editing. However, even with this feature activated, any user can edit the registry by either executing a *.reg file or renaming and then executing regedit.exe. As the restriction settings for Panda are stored in the registry, this weakness negates the effectiveness of the rest of the Panda software. In addition, users can uninstall Panda Security through the Add/Remove Programs applet in the Control Panel. An error message will appear when the user attempts to uninstall Panda Security. However upon reboot, the application will have been successfully uninstalled.

Mitigation:

Ensure that the registry editing feature is disabled for all users and that the Panda Security application is not uninstalled.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1119/info

Panda Security is a user management application for Windows 9x. With it, certain functions can be prohibited for specific users.

One of the restrictive policies possible is to disable registry editing. However, even with this feature activated, any user can edit the registry by either executing a *.reg file or renaming and then executing regedit.exe. As the restriction settings for Panda are stored in the registry, this weakness negates the effectiveness of the rest of the Panda software.

In addition, users can uninstall Panda Security through the Add/Remove Programs applet in the Control Panel. An error message will appear when the user attempts to uninstall Panda Security. However upon reboot, the application will have been successfully uninstalled.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19855.zip

Navigation

Suggest Exploit

Services By CQR