============================================================
Product: ESET File Security
OS: Linux / FreeBSD
Type: Arbitrary File Deletion
Fixed Version: 4.5.13.0
Vulnerable Version: All Prior Versions
Impact: High
Date: 2019-02-07
Found By: RACK911 Labs
============================================================
Product Description:
-------------------
Safeguard your Linux, BSD, and Solaris file servers with ESET File Security's real-time protection from known and emerging threats. With ESET, you will never have to choose between security and performance.
Vulnerability Description:
-------------------------
Malware under certain circumstances can trigger an Arbitary File Delection which could cause any file on the server, including root owned files, to be deleted.
Vendor Contact Timeline:
-----------------------
2018-09-28: Vendor contacted via email.
2018-10-05: Vendor acknowledges report.
2018-11-28: Vendor confirms vulnerability.
2019-02-07: Vendor issues product update.
2019-02-07: RACK911 Labs issues advisory.
Reference(s):
------------
https://www.eset.com/int/business/file-security-linux/download/
^- Change log discusses vulnerability.
https://www.eset.com/ca/business/server-antivirus/file-security-linux/
About Us:
--------
https://www.RACK911Labs.com
RACK911 Labs
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119
1-855-RACK911
============================================================
UNSUBSCRIBE:
https://hostingseclist.us3.list-manage.com/unsubscribe?u=722bc323a024d15a407baae81&id=f512fc2224&e=[UNIQID]&c=5e58533377
FORWARD EMAIL:
https://us3.forward-to-friend.com/forward?u=722bc323a024d15a407baae81&id=5e58533377&e=[UNIQID]
UPDATE PROFILE:
https://hostingseclist.us3.list-manage.com/profile?u=722bc323a024d15a407baae81&id=f512fc2224&e=[UNIQID]&c=5e58533377