Bugtraq mailing list archives
Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Tue, 05 Dec 2006 12:19:40 -0800
On 12/5/06 11:16 AM, "eugeny gladkih" <john () drweb com> spoketh to all:
"MS" == Michael Scheidell <scheidell () secnap net> writes:we've found local privilege escalation in Symantec LiveState agent. PoC: 1. kill shstart.exe processMS> Wouldn't you have to be administrator to kill shstart.exe? LocalSystem account has more privilegies then administrator's one.
The local administrator can do whatever he wants, including just setting the startup context of a service to run as LocalSystem. Any "privileged escalation" that requires you to already be an administrator is not an issue at all, period. For the one-millionth-and-second time, any "issue" that begins with "if you are a local administrator, then you can..." is a non-issue and a waste of everyone's time. That is the skinny on that. t
Current thread:
- Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation ss_team (Dec 04)
- <Possible follow-ups>
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Steve Shockley (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Ansgar -59cobalt- Wiechers (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Thor (Hammer of God) (Dec 05)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 06)