Forum Thread:

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
All Threads

This user no longer exists
Member 1st Jan, 1970 01:00
Ranking: 0
Posts: 0
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
Last edited on 1st Jan, 1970 01:00


daveyeisley RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 28th Feb, 2016 05:20
Score: 1
Posts: 3
User Since: 28th Feb 2016
System Score: N/A
Location: US
Last edited on 28th Feb, 2016 05:30
I was alerted by PSI that my Comodo software needed a manual update. I clicked the entry in the system scan window, and it brought me to the download page. I downloaded the newest version of Comodo Free Firewall - filename "cmd_fw_installer_6113_c7.exe". The installer executable properties showed the file version as 8.2.0.4792.

I ran the installer, and I opted out of GeekBuddy and Chromodo browser. I also opted out of Comodo DNS.

The installer completed successfully and I rebooted. No issues.

While it was annoying that this removed my previous HIPS exlcusions (which break Sandboxie - I disable the auto-sandboxing of comodo because I prefer Sandboxie), Comodo seemed to be healthy and when I checked for updates it showed as fully patched.

Imagine my surprise when I re-scanned my system with PSI and it still showed that Comodo was vulnerable and unpatched. I got the file details, and sure enough, when I went to the program files directory and checked CIS.exe file properties, it was showing the old, vulnerable version number. PSI was not lying to me.

However, I then fully uninstalled Comodo to remove the old file (thinking perhaps the new version installer might have just skipped the file), rebooted, checked and made absolutely certain the old CIS.exe file was gone. Then I ran the installer again, same opt-outs. Rebooted again.

Comodo ran just fine, no updates when I checked, fully patched. I re-scanned with PSI, same issue. Checked the file properties on CIS.exe again, same old version. So a fresh download/install from the webpage that PSI directs users to download the patched software from is *not* resolving this vulnerability. At least, not if they opt out of GeekBuddy and/or Chromodo.

I am not sure at this point if my system is vulnerable - because the file version indicates that I am, but the vulnerability relies on a module of the software that is not installed on my system.
Was this reply relevant?
+1
-0
g3ntyuk RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 4th Mar, 2016 13:47
Score: 2
Posts: 8
User Since: 11th Jan 2008
System Score: N/A
Location: UK
Im too having this problem and have gone through similar steps, it still shows the old version in psi but i have the latest version installed. Im undecided wether or not this is just a bug or something of the sort.
Was this reply relevant?
+1
-0
genegold99 RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 6th Mar, 2016 05:06
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
The last two replies are not related to the posted issue, but are further examples of what's reported in another thread: http://secunia.com/community/forum/thread/show/156... It might help get the version issue resolved if they were posted there.
Was this reply relevant?
+0
-1
daveyeisley RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 6th Mar, 2016 20:06
Score: 1
Posts: 3
User Since: 28th Feb 2016
System Score: N/A
Location: US
Agree to disagree, good sir. The thread you linked is locked, for one. Also, the two posts previous to yours were directly relevant to the vulnerability (trying to resolve it), and confusions as to how to resolve it based on the Secunia writeup on the topic, since PSI is giving conflicting information.
Was this reply relevant?
+0
-0
genegold99 RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 6th Mar, 2016 20:30
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Sorry, I missed that my thread was locked. Your point beyond that is rather elliptically stated, but as far as I can tell neither of the two earlier replies referred to GeekBuddy, the subject of the thread, but did refer to the discrepancy in version numbers re CIS and Secunia, which is a different subject. Excuse me if I have misread those.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Handling Contributor 6th Mar, 2016 22:44
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@genegold99

As you are perhaps aware threads that have no response within 7 days are auto locked.

Secunia (now Flexera) Support have not been active in a help capacity on the Forum for over a year. Even when active they rarely answered questions on threads created by them under the Vulnerability Sub Forum to INFORM users of an issue.

I am happy to reopen your thread if you think it would be helpful but I would advise you all to contact Flexera with your individual details as requested in the FAQ when a query exists on any of their information.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
genegold99 RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Member 6th Mar, 2016 22:58
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Ok, so as I understand it, an email to Secunia/Flexera is the best way to report a problem of this kind. Where is the FAQ you mention?
Was this reply relevant?
+0
-0
Maurice Joyce RE: Comodo Internet Security GeekBuddy VNC Privilege Escalation Security Issue
Handling Contributor 7th Mar, 2016 12:19
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
If you have not located the FAQ's yourself an extract is here:

How can I suggest a feature or report an error in the Secunia PSI?

For all feature requests or error inquiries, please submit your suggestions or error reports to support@secunia.com (including screenshots, whenever possible).

You can also post to our community forum, found at http://secunia.com/community/forum/



As I previously stated forget the Forum option because the chances of any response from Flexera Support are minus zero.


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0