Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege EscalationFrom: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> Date: Tue, 5 Dec 2006 20:47:41 +0100
On 2006-12-05 eugeny gladkih wrote:
"MS" == Michael Scheidell <scheidell () secnap net> writes:
we've found local privilege escalation in Symantec LiveState agent.
1. kill shstart.exe process
Wouldn't you have to be administrator to kill shstart.exe?
LocalSystem account has more privilegies then administrator's one.
So? As an administrator you can gain SYSTEM privileges at any time. This
behaviour is by design.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq