Cisco AMP for Endpoints and ClamAV Privilege Escalation Vulnerability

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system.

The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy

Security Impact Rating: Medium

CVE: CVE-2020-3350

Related:

  • No Related Posts

Error: “Previous Upload to cis.citrix.com failed. Network Error While Connecting cis.citrix.com” with Code 10


The error message indicates that the Call Home upload toCitrix.comfailed. This can happen due to multiple reasons, including there was simply no connectivity from the License Server toCitrix.com, or the presence of a Firewall or Network Proxy in the environment.


To troubleshoot the underlying cause of the failure, please follow the steps below:

  1. Make sure the License Server has network connectivity and can connect tocis.citrix.comover port 443
  2. If you will have to configure a proxy, please refer to the following documentation for the steps:Configure a Proxy server.Please note that Licensing service needs to be restarted for the changes to take effect.
  3. If there are no proxies required to reachcis.citrix.comfrom the server, it is possible that there was a network error at the time of upload attempt and that has been resolved since then. Once an upload fails, the Upload failure status is tracked through an XML file (Upload_result.xml). So even when the network issue is resolved or when Call Home is subsequently disabled after an upload failure, unless the XML file is manually deleted, you will continue to see the error. The following steps will get rid of the error message:
    1. Browse toC:Program Files (x86)CitrixLicensingLSresourceusagefolder.
    2. Take a copy of the contents of this folder for backup purposes and empty this folder.
    3. Restart theCitrix Webservice for Licensing servicefrom the Services console.
  4. If none of the steps above resolved the issue, you can disable Call Home following the steps outlined inCTX220679

Related:

Error: Previous Upload to cis.citrix.com failed. Uploader failed for reason “Network Error while connecting cis.citrix.com” with code 10


The error message indicates that the Call Home upload toCitrix.comfailed. This can happen due to multiple reasons, including there was simply no connectivity from the License Server toCitrix.com, or the presence of a Firewall or Network Proxy in the environment.


To troubleshoot the underlying cause of the failure, please follow the steps below:

  1. Make sure the License Server has network connectivity and can connect tocis.citrix.comover port 443
  2. If you will have to configure a proxy, please refer to the following documentation for the steps:Configure a Proxy server.Please note that Licensing service needs to be restarted for the changes to take effect.
  3. If there are no proxies required to reachcis.citrix.comfrom the server, it is possible that there was a network error at the time of upload attempt and that has been resolved since then. Once an upload fails, the Upload failure status is tracked through an XML file (Upload_result.xml). So even when the network issue is resolved or when Call Home is subsequently disabled after an upload failure, unless the XML file is manually deleted, you will continue to see the error. The following steps will get rid of the error message:
    1. Browse toC:Program Files (x86)CitrixLicensingLSresourceusagefolder.
    2. Take a copy of the contents of this folder for backup purposes and empty this folder.
    3. Restart theCitrix Webservice for Licensing servicefrom the Services console.
  4. If none of the steps above resolved the issue, you can disable Call Home following the steps outlined inCTX220679

Related:

Error: “Previous Upload to cis.citrix.com Failed. Network Error While Connecting cis.citrix.com” with Code 6

The error message indicates that the Call Home upload toCitrix.comfailed. This can happen due to multiple reasons, including there was simply no connectivity from the License Server toCitrix.com, or the presence of a Firewall or Network Proxy in the environment.


To troubleshoot the underlying cause of the failure, please follow the steps below:

  1. Make sure the License Server has network connectivity and can connect tocis.citrix.comover port 443
  2. If you will have to configure a proxy, please refer to the following documentation for the steps:Configure a Proxy server.Please note that Licensing service needs to be restarted for the changes to take effect.
  3. If there are no proxies required to reachcis.citrix.comfrom the server, it is possible that there was a network error at the time of upload attempt and that has been resolved since then. Once an upload fails, the Upload failure status is tracked through an XML file (Upload_result.xml). So even when the network issue is resolved or when Call Home is subsequently disabled after an upload failure, unless the XML file is manually deleted, you will continue to see the error. The following steps will get rid of the error message:
    1. Browse toC:Program Files (x86)CitrixLicensingLSresourceusagefolder.
    2. Take a copy of the contents of this folder for backup purposes and empty this folder.
    3. Restart theCitrix Webservice for Licensing servicefrom the Services console.
  4. If none of the steps above resolved the issue, you can disable Call Home following the steps outlined inCTX220679

Related:

License Server – Call Home Failing and Logging an Error in Director – Uploader Failed “Network SSL Error When Connecting to citrix.com” Code 7

The error message indicates that the Call Home upload tocis.citrix.comfailed. This can happen due to multiple reasons, including there was simply no connectivity from the License Server tocis.citrix.com, or the presence of a Firewall or Network Proxy in the environment.

To troubleshoot the underlying cause of the failure, please follow the steps below:

  1. Make sure the License Server has network connectivity and can connect tocis.citrix.comover port 443
  2. If you will have to configure a proxy, please refer to the following documentation for the steps:Configure a Proxy server.Please note that Licensing service needs to be restarted for the changes to take effect.
  3. If there are no proxies required to reachcis.citrix.comfrom the server, it is possible that there was a network error at the time of upload attempt and that has been resolved since then. Once an upload fails, the Upload failure status is tracked through an XML file (Upload_result.xml). So even when the network issue is resolved or when Call Home is subsequently disabled after an upload failure, unless the XML file is manually deleted, you will continue to see the error. The following steps will get rid of the error message:
    1. Browse toC:Program Files (x86)CitrixLicensingLSresourceusagefolder.
    2. Take a copy of the contents of this folder for backup purposes and empty this folder.
    3. Restart theCitrix Webservice for Licensing servicefrom the Services console.
  4. If none of the steps above resolved the issue, you can disable Call Home following the steps outlined inCTX220679

Related:

Error: “Previous Upload to cis.citrix.com Failed. Network Error While Connecting cis.citrix.com” with Code 5

The error message indicates that the Call Home upload to Citrix.com failed. This can happen due to multiple reasons, including there was simply no connectivity from the License Server to Citrix.com, or the presence of a Firewall or Network Proxy in the environment.

To troubleshoot the underlying cause of the failure, please follow the steps below:

  1. Make sure the License Server has network connectivity and can connect to cis.citrix.com over port 443
  2. If you will have to configure a proxy, please refer to the following documentation for the steps: Configure a Proxy server. Please note that Licensing service needs to be restarted for the changes to take effect.
  3. If there are no proxies required to reach cis.citrix.com from the server, it is possible that there was a network error at the time of upload attempt and that has been resolved since then. Once an upload fails, the Upload failure status is tracked through an XML file (Upload_result.xml). So even when the network issue is resolved or when Call Home is subsequently disabled after an upload failure, unless the XML file is manually deleted, you will continue to see the error. The following steps will get rid of the error message:
    1. Browse to C:Program Files (x86)CitrixLicensingLSresourceusage folder.
    2. Take a copy of the contents of this folder for backup purposes and empty this folder.
    3. Restart the Citrix Webservice for Licensing service from the Services console.
  4. If none of the steps above resolved the issue, you can disable Call Home following the steps outlined in CTX220679

Related:

Site aggregation fails with error “We couldn't find your site”

This issue is seen because the Proxy logic in the Citrix Cloud Connector expects all the entries in Proxy By-Pass list in all lower case and hence fails to process the entire Proxy By-Pass list, if even one entry is in All Capital or Mixed case.

Due to this, the Web Relay agent services reach out to the Proxy Server to contact the XML Service running on the On-Prem delivery controller.

Since the Proxy servers are not configured to resolve the internal FQDNs, the above service is unable to resolve the Delivery controller addresses and hence the site aggregation fails.

Related:

  • No Related Posts