[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation

To: "ss_team" <ssteam.pl@xxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: "Michael Scheidell" <scheidell@xxxxxxxxxx>
Date: Tue, 5 Dec 2006 07:40:59 -0500

> -----Original Message-----
> From: ss_team [mailto:ssteam.pl@xxxxxxxxx] 
> Sent: Monday, December 04, 2006 11:28 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Symantec LiveState Agent for Windows vulnerability - 
> Local Privilege Escalation
> 
> 
> hello,
> 
> we've found local privilege escalation in Symantec LiveState agent.
> 
> PoC:
> 
> 1. kill shstart.exe process

Wouldn't you have to be administrator to kill shstart.exe?


> 2. from symantec livestate agent icon in systray choose "Web 
> Self-Service"
> 3. New browser window will open, it is running with SYSTEM privileges.
> 
> tested on fully patched Win XP SP2, Symantec LiveState agent 7.1
> 
> 
> Credits: marc & shb
> 
> 
> -- 
> http://ssteam.ath.cx
>

Follow-Ups:
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
  - From: eugeny gladkih

Prev by Date: SNORT Covered channels detector patch
Next by Date: Re: GnuPG 1.4 and 2.0 buffer overflow
Previous by thread: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
Next by thread: Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
Index(es):
- Date
- Thread