COMMAND

    Panda Security

SYSTEMS AFFECTED

    Panda Security 3.0 (build 3.0.0.71/96) on Win9x

PROBLEM

    |Zan (DeepZone) found the following.  All builds of Panda Security
    3.0 ('<3.0.2.0') have several important vulnerabilities.  Any
    locally logged-on user can override his/her privileges: any such
    user can become Administrator on a system running Panda Security
    3.0.  The ideas, exploits and rootkit were tested against the
    Spanish versions of Panda Security (builds 3.0.0.71/96).

    Panda Security 3.0 is vulnerable to indirect key merging.  The
    critical keys protecting this product can easily be overridden.
    Because of a programming error these keys are not protected in the
    registry, so any locally logged-on user can introduce new values
    that override the original values.

    Another bug found in Panda Security allows the product to be
    uninstalled without any problem.  Panda Security doesn't check
    wininit.exe activity, so any software (including Panda Security)
    can be uninstalled by any generic uninstaller.
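
    Added example, not part of the original advisory and not Panda's
    code: on Win9x, wininit.exe carries out at boot the file operations
    queued in the [rename] section of WININIT.INI, so a protection
    product can audit that file for operations touching its own files.
    The install directory C:\SECPROD, the file names and the sample
    entries are constructed placeholders.

```python
# Added example: audit Win9x WININIT.INI pending operations.
# wininit.exe processes the [rename] section at boot: "NUL=path" deletes
# path, "dest=src" moves src over dest. Keys repeat (several NUL= lines),
# so the section is parsed by hand rather than with configparser.

def pending_operations(ini_text):
    """Return a list of (action, target, source) from the [rename] section."""
    ops, in_rename = [], False
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_rename = line[1:-1].strip().lower() == "rename"
            continue
        if not in_rename or "=" not in line:
            continue
        dest, src = (part.strip() for part in line.split("=", 1))
        if dest.upper() == "NUL":
            ops.append(("delete", src, None))
        else:
            ops.append(("replace", dest, src))
    return ops

def _norm(path):
    # Win9x paths are case-insensitive; compare upper-cased, no trailing slash.
    return path.replace("/", "\\").rstrip("\\").upper()

def flag_protected(ops, protected_dirs):
    """Return operations that delete, replace or move away a protected file."""
    roots = [_norm(d) for d in protected_dirs]
    hits = []
    for action, target, source in ops:
        paths = [_norm(p) for p in (target, source) if p]
        if any(p == r or p.startswith(r + "\\") for p in paths for r in roots):
            hits.append((action, target, source))
    return hits

# Constructed sample; C:\SECPROD is a placeholder, not a real install path.
SAMPLE = r"""
[rename]
NUL=C:\TEMP\SETUP.TMP
NUL=C:\SECPROD\GUARD.VXD
C:\SECPROD\POLICY.DAT=C:\TEMP\POLICY.NEW
C:\WINDOWS\SYSTEM\HELPER.DLL=C:\TEMP\HELPER.DLL
"""

if __name__ == "__main__":
    for hit in flag_protected(pending_operations(SAMPLE), [r"C:\SECPROD"]):
        print(hit)
```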

    Full details, exploits and a patch to keep PS's full control can
    be found at:

        http://deepzone.cjb.net

SOLUTION

    Panda Software was contacted.  Patches and a new release (3.0.2.0)
    fixing these bugs will be available soon at:

        http://www.pandasoftware.es       (Spanish version)
        http://www.pandasoftware.com      (international version)

    The official release list provided directly by Panda Software is:

        3.0.0.77     Simo 99                    => Vulnerable
        3.0.0.90     Multimedia Ediciones       => Vulnerable
        3.0.0.96     January 2000               => Vulnerable
        3.0.0.97                                => Vulnerable
        3.0.0.100                               => Vulnerable