Full Disclosure mailing list archives
BitDefender Total Security 2018 - Insecure Pipe Permissions
From: filipe <filipe.xavier () tempest com br>
Date: Tue, 6 Mar 2018 16:04:44 -0300
=====[ Tempest Security Intelligence - ADV-19/2018 ]=== BitDefender Total Security 2018 - Insecure Pipe Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: <filipe.xavier () tempest.com.br =====[ Table of Contents ]===================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Overview ]============================================================== * System affected : BitDefender Total Security [1] * Software Version : 2018. Other versions or models may also be affected. * Impact : A low priveliged user can access and modify all DACLS of all pipes with full access allowed. =====[ Detailed description ]================================================== BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group. All pipes used by services (vsserv.exe, updatesrv.exe, DevMgmtService.exe, bdwtxag.exe, bdagent.exe) from application. =====[ Timeline of disclosure ]=============================================== 01/24/2018 - Vendor was informed of the vulnerability. 01/29/2018 - Vendor did not respond. 01/24/2018 - CVE assigned [2] 03/06/2018 - Advisory publication date. =====[ Thanks & Acknowledgements ]============================================ - Tempest Security Intelligence / Tempest's Pentest Team [3] =====[ References ]=========================================================== [1] - https://www.bitdefender.com.br/ [2] - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6183 [3] - http://www.tempest.com.br/ -- Filipe Oliveira Tempest Security Intelligence _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- BitDefender Total Security 2018 - Insecure Pipe Permissions filipe (Mar 09)
- Re: BitDefender Total Security 2018 - Insecure Pipe Permissions Alex BALAN (Mar 13)