Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Privilege escalation flaw in AClient Service for Windows (Version 5.6.181).
From: Reed Arvin <reedarvin () gmail com>
Date: 19 Nov 2004 06:10:54 -0000


Summary:
A privilege escalation flaw exists in the AClient Service for Windows (Version 5.6.181) (http://www.altiris.com/).

Details:
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the AClient Service for Windows tray icon.

Vulnerable Versions:
Altiris Deployment Solution 5.6 SP1 (Hotfix E)

Solutions:
The vendor was notified of the issue. There was no technical response. The vendor will not give support without a 
support contract.

Exploit:
1. Right click on the Altiris Client Service icon in the Taskbar and choose View Log File
2. Notepad should open. Click File, click Open
3. In the Files of type: field choose All Files
4. Navagate to %WINDIR%\System32\
5. Right click on cmd.exe and choose Open
6. A new command shell with launch with SYSTEM privileges

Discovered by Reed Arvin reedarvin[at]gmail[dot]com

  By Date           By Thread  

Current thread:
  • Privilege escalation flaw in AClient Service for Windows (Version 5.6.181). Reed Arvin (Nov 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]