Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ESET Endpoint Antivirus 安全漏洞
Vulnerability Description
ESET Endpoint Antivirus for macOS 6.4.168.0之前的版本和Endpoint Security for macOS 6.4.168.0之前的版本中的esets_daemon服务存在安全漏洞,该漏洞源于程序没有正确的审核来自edf.eset.com SSL服务器上的X.509证书。攻击者可借助自签证书利用该漏洞实施中间人攻击者,欺骗服务器,并授权激活请求。
CVSS Information
N/A
Vulnerability Type
N/A