Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 5 Dec 2006 20:47:41 +0100

On 2006-12-05 eugeny gladkih wrote:
"MS" == Michael Scheidell <scheidell () secnap net> writes:
we've found local privilege escalation in Symantec LiveState agent.

PoC:

1. kill shstart.exe process

Wouldn't you have to be administrator to kill shstart.exe?

LocalSystem account has more privilegies then administrator's one.

So? As an administrator you can gain SYSTEM privileges at any time. This
behaviour is by design.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]