Full Disclosure mailing list archives

Re: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE]

From: bashis <mcw () wcd se>
Date: Wed, 15 Sep 2004 19:20:45 +0200 (CEST)

Reference: http://www.securityfocus.com/archive/1/375244/2004-09-12/2004-09-18/0
I do a cc to Full Disclosure

McAfee VirusScan version 4.5.1 running on Windows 2000 Professional
and Windows XP Professional operating systems is vulnerable. It is
suspected that McAfee VirusScan 4.5 is also vulnerable.


Nothing new realy..

There is a trick to get SYSTEM shell in VirusScan Enterprise 7.1.0
and the 'brand' new version 8.0.0 also.

Do a new task, for a example "Update" and choose a program to run after the task,
do this task to run with a schedule, efter this task is done
the chosen program is running with SYSTEM priviligies.

Well, cmd.exe dosn't pop up on screen,
but connect back or portbind stuff works just fine..

Have a nice day
/bashis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] bashis (Sep 15)
- <Possible follow-ups>
- RE: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] Francis Favorini (Sep 15)
  - Re: RE: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability bashis (Sep 15)