Full Disclosure: Re: AVAST Internet Security Suite

Nmap Security Scanner
- Intro
- Ref Guide
- Install Guide
- Download
- Changelog
- Book
- Docs
Security Lists
- Nmap Hackers
- Nmap Dev
- Bugtraq
- Full Disclosure
- Pen Test
- Basics
- More
Security Tools
Site News
Advertising
About/Contact
Sponsors:

Re: AVAST Internet Security Suite - Persistent Vulnerabilities

From: security curmudgeon <jericho () attrition org>
Date: Fri, 5 Jul 2013 14:27:26 -0500 (CDT)


Seriously?

Your avast! issues weren't tested properly it seems. The command shell youinvoke is running with the same privileges as the user installing/runningthe software.

There is no privilege escalation based on the 'exploit' you report. Theseare not vulnerabilities.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

AVAST Internet Security Suite - Persistent Vulnerabilities Vulnerability Lab (Jul 04)
- <Possible follow-ups>
- Re: AVAST Internet Security Suite - Persistent Vulnerabilities security curmudgeon (Jul 06)