Notification

Icon
Error

7-Zip Arbitrary Code Execution Vulnerability Check

Posted: Friday, May 4, 2018 2:13:36 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,676
6
Like
Update 7th of May, posted a different report that is immune to conversion errors: due to the high variance in the formatting of 7-zip version numbers our previous report could cause conversion errors in certain installations. The new report lists all computers that don't have the current latest version of 7-zip installed (18.05), but will need to be adjusted when newer versions are released.

This report lists all computers which have an installation of a 7-Zip version lower than 18.05 and are vulnerable to the 7-Zip Arbitrary Code Execution Vulnerability. If vulnerable assets are found, you can patch them by using the steps in the 7-Zip Arbitrary Code Execution Vulnerability Announcement.

To run this report, do the following:
  • Open the report builder in the Lansweeper web console under Reports/Create New Report.
  • Paste the SQL query (report) found below at the bottom of the page, replacing the default SQL query.
  • Left-click somewhere in the upper section of the page so the query applies.
  • Give the report a title.
  • Hit the Save & Run button to save the report. Export options are listed on the left.
Code:
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblSoftware.Lastchanged
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%7-Zip%' And
tblSoftware.softwareVersion Not Like '%18.05%' And tblState.Statename =
'Active'
Order By tblAssets.Domain,
tblAssets.AssetName,
Software
Esben.D
#1Esben.D Member Administration Original PosterPosts: 1,676  
posted: 5/4/2018 2:22:00 PM(UTC)
If you have any questions regarding the report, please contact us via email at support@lansweeper.com

Active Discussions

Lansweeper Firefox 67.0.3 zero-day vulnerability
by  B Claeys   Go to last post Go to first unread
Last post: Today at 3:13:30 PM(UTC)
Lansweeper BlueKeep Vulnerability
by  heybobby1  
Go to last post Go to first unread
Last post: Today at 3:02:34 PM(UTC)
Lansweeper VLC Player CVE-2019-5439
by  Esben.D   Go to last post Go to first unread
Last post: Yesterday at 9:19:29 AM(UTC)
Lansweeper Enabled/Disabled Local/AD Admin accounts
by  vqT4cDoP9iXyMZwoDUWU  
Go to last post Go to first unread
Last post: 6/17/2019 9:12:30 PM(UTC)
Lansweeper code in posts
by  AZHockeyNut   Go to last post Go to first unread
Last post: 6/14/2019 4:39:46 PM(UTC)
Lansweeper Adding more info to asset report
by  RC62N   Go to last post Go to first unread
Last post: 6/13/2019 9:46:31 PM(UTC)
Report Center Top 5 Average RAM Usage
by  Esben.D  
Go to last post Go to first unread
Last post: 6/13/2019 1:15:31 PM(UTC)