Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Symantec LiveState Agent for Windows vulnerabi
From: eugeny gladkih <john () drweb com>
Date: Wed, 06 Dec 2006 00:24:46 +0300

"D" == Damjan  <damjan () widesec com> writes:

we've found local privilege escalation in Symantec LiveState agent.

PoC:

1. kill shstart.exe process

 MS> Wouldn't you have to be administrator to kill shstart.exe?

LocalSystem account has more privilegies then administrator's one.


 D> I don't think so. I think, SYSTEM account has less or same
 D> privileges than Administrator. Or? 

SeTCBPrivilege SeCreateTokenPrivilege

-- 
Yours sincerely, Eugeny.
Doctor Web, Ltd. http://www.drweb.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault