======================================================================
Secunia Research 21/12/2004
- Spy Sweeper Enterprise Client Privilege Escalation Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
Spy Sweeper Enterprise 1.5.1 (Build 3698)
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Less Critical
Impact: Privilege Escalation
Where: Local System
======================================================================
3) Vendor's Description of Software
Spy Sweeper Enterprise:
"Webroot Spy Sweeper Enterprise provides comprehensive spyware
protection for corporations. Using a client / server architecture,
Spy Sweeper Enterprise proactively detects and removes all forms of
spyware and malware within the organization".
Product link:
http://www.webroot.com/products/spysweeper/enterprise/
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in Spy Sweeper
Enterprise, which can be exploited by malicious, local users to gain
escalated privileges.
The vulnerability is caused due to the Spy Sweeper Enterprise Client
"SpySweeperTray.exe" process invoking the help functionality with
SYSTEM privileges.
This can be exploited to execute arbitrary commands on a system with
escalated privileges.
======================================================================
5) Solution
The vendor has issued version 2.0, which fixes the vulnerability.
======================================================================
6) Time Table
15/11/2004 - Vulnerability discovered.
15/11/2004 - Vendor notified.
15/11/2004 - Vendor response.
19/12/2004 - Vendor issues version 2.0.
21/12/2004 - Public disclosure.
======================================================================
7) Credits
Discovered by Carsten Eiram, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has not
currently assigned the vulnerability a candidate number.
======================================================================
9) About Secunia
Secunia collects, validates, assesses, and writes advisories regarding
all the latest software vulnerabilities disclosed to the public. These
advisories are gathered in a publicly available database at the
Secunia website:
http://secunia.com/
Secunia offers services to our customers enabling them to receive all
relevant vulnerability information to their specific system
configuration.
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/secunia_security_advisories/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2004-14/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
Received on Dec 21 2004
Intro
