I wrote a thing about a thing.
-
I wrote a thing about a thing.
Specifically, Finding Vulnerabilities with Crassus – A Case Study with ESET.
I created Crassus on a whim a few years ago, and it's interesting to see that it still can find things.
It's also interesting (disappointing) that reporting vulnerabilities to vendors is still as painful as ever.
-
I wrote a thing about a thing.
Specifically, Finding Vulnerabilities with Crassus – A Case Study with ESET.
I created Crassus on a whim a few years ago, and it's interesting to see that it still can find things.
It's also interesting (disappointing) that reporting vulnerabilities to vendors is still as painful as ever.
@wdormann "Currently it is not possible to improve behavior."
-____________-
-
I wrote a thing about a thing.
Specifically, Finding Vulnerabilities with Crassus – A Case Study with ESET.
I created Crassus on a whim a few years ago, and it's interesting to see that it still can find things.
It's also interesting (disappointing) that reporting vulnerabilities to vendors is still as painful as ever.
@wdormann
You did Crassus? Nice, thanks. -
@wdormann
You did Crassus? Nice, thanks.@FritzAdalis
I'm flattered that you even knew about it!
-
@wdormann
You did Crassus? Nice, thanks.@FritzAdalis @wdormann also came here to say exactly this. Kudos
I've been looking to play around with this for a while as it looks awesome.
-
I wrote a thing about a thing.
Specifically, Finding Vulnerabilities with Crassus – A Case Study with ESET.
I created Crassus on a whim a few years ago, and it's interesting to see that it still can find things.
It's also interesting (disappointing) that reporting vulnerabilities to vendors is still as painful as ever.
@wdormann Hey, thanks for the report and sorry about that response. Whoever wrote it was not being very helpful, I'll look into that. By "another product" they mean ESET Endpoint Security which has a driver that (should) enforce self-defense on the path. Without EES, EIConnector doesn't work. That however doesn't make this finding invalid, if you are somehow able to install one without the other.
-
@wdormann Hey, thanks for the report and sorry about that response. Whoever wrote it was not being very helpful, I'll look into that. By "another product" they mean ESET Endpoint Security which has a driver that (should) enforce self-defense on the path. Without EES, EIConnector doesn't work. That however doesn't make this finding invalid, if you are somehow able to install one without the other.
@j91321
Thanks.I think at the end of the day, "Product
<foo>is vulnerable, but product<bar>mitigates it", does not change the fact that "Product<foo>is vulnerable"Specifically, in my original analysis, I installed the product with ESET Endpoint Antivirus 11.0.2044.0, and that product does not do anything to mitigate the vulnerability.
I don't know if it's an EEA vs. EES thing, or a version number thing. But either way, it is indeed possible to install ESET Inspect Connector in a way that truly is vulnerable.
Personally, I think that if ESET Inspect Connector contains a vulnerability, then that product itself should get the attention it needs to mitigate it, without relying on another product to mitigate it.
-
R relay@relay.infosec.exchange shared this topic
