Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central
Dec 31 2014 02:17AM
Pedro Ribeiro (pedrib gmail com)
This is part 10 of the ManageOwnage series. For previous parts, see .
This time we have a vulnerability that allows an unauthenticated user
to create an administrator account, which can then be used to execute
code on all devices managed by Desktop Central (desktops, servers,
[ more ]
Copyright 2010, SecurityFocus