Hi,

We are running a vulnerability scan and it states that it has found SANS07C4 and SANS07C1 relating to Adobe Reader / Adobe Flash Player. We have totally uninstalled Adobe Reader / Flash Player and cleared out the registry on the computer for anything Adobe / Macromedia related as per their knowledge base articles. I have contacted GFI who run the LanGuard vulnerability scanner and they are at a loss too. Would someone know what paths / ocx / dlls these are actually checking for?

Kind Regards and thanks in advance!
Mark
MarkZ 4 Posts |
May 6th 2014 8 years ago |
The plot thickens - if we run an audit scan against the host with Nessus it only showed that Adobe 13 was installed (it was put back on by a user) and nothing relating to Adobe Flash was exploitable. I'm just wondering what the SANS07C4 is referring to:

ANS07C4: Adobe Flash Player 8.0.34.0 and earlier vulnerable to CSRF attack

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file.

As only Adobe Flash player 13 is detected as below:

Nessus found the following instances of Flash Player installed on the remote host :

- ActiveX control (for Internet Explorer) : C:\Windows\system32\Macromed\Flash\Flash64_13_0_0_206.ocx, 13.0.0.206

Regards,
Mark
MarkZ 4 Posts |
May 13th 2014 8 years ago |
As far as SANS is concerned, maybe "SANS07C4" stands for "SANS 2007 Critical Control 4" referring to the SANS Critical Controls. But then again, they are not really that specific. I think your hunch that this stands for "ANS" not "SANS" makes sense. |
Johannes 4472 Posts ISC Handler |
May 13th 2014 8 years ago |
Hi Johannes,

Thank you very much for your reply - appreciate it. Unfortunately it line broke me off - when copy pasting!

Best Regards,
Mark
MarkZ 4 Posts |
May 13th 2014 8 years ago |