[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Symantec LiveState Agent for Windows vulnerabi

To: eugeny gladkih <john@xxxxxxxxx>, Michael Scheidell <scheidell@xxxxxxxxxx>
Subject: Re: Symantec LiveState Agent for Windows vulnerabi
From: Damjan <damjan@xxxxxxxxxxx>
Date: Tue, 05 Dec 2006 21:09:40 +0100

>  >> we've found local privilege escalation in Symantec LiveState agent.
>  >> 
>  >> PoC:
>  >> 
>  >> 1. kill shstart.exe process
> 
>  MS> Wouldn't you have to be administrator to kill shstart.exe?
> 
> LocalSystem account has more privilegies then administrator's one.


I don't think so. I think, SYSTEM account has less or same privileges than 
Administrator. Or?

Greetings

Follow-Ups:
- Re: Symantec LiveState Agent for Windows vulnerabi
  - From: eugeny gladkih

Prev by Date: eEye's Zero-Day Tracker Launch
Next by Date: Re: Re: [Aria-Security Team] uGestBook SQL Injection Vuln
Previous by thread: eEye's Zero-Day Tracker Launch
Next by thread: Re: Symantec LiveState Agent for Windows vulnerabi
Index(es):
- Date
- Thread