###########################

# Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read Vulnerability

###########################

------------------------------------------------------------------------
Buffer over-read vulnerability in Virtuozzo Power Panel (VZPP) and
Automator
------------------------------------------------------------------------
Sipke Mellema, July 2017

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Virtuozzo Power Panel is a solution that allows customers of service
providers to manage their virtual environments. Virtuozzo Automator is
an administrative tool for managing the service provider's virtual
infrastructure. Both products are affected by a buffer over-read
vulnerability that allows attackers to read random server memory.

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was tested on Virtuozzo Power Panel version 6.1.2.

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
A fix for this issue is included in the following software versions:
- Virtuozzo Power Panel 6.1.2-hotfix5
- Virtuozzo Automator 6.1.2-hotfix5 and 7.0.2-hotfix1

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20170701/buffer-over-read-vulnerability-in-virtuozzo-power-panel-_vzpp_-and-automator.html


###########################

# Iranian Exploit DataBase = http://IeDb.Ir [2017-07-07]

###########################