Bugtraq mailing list archives
Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: Steve Shockley <steve.shockley () shockley net>
Date: Tue, 05 Dec 2006 14:55:51 -0500
eugeny gladkih wrote:
"MS" == Michael Scheidell <scheidell () secnap net> writes:>> 1. kill shstart.exe process
MS> Wouldn't you have to be administrator to kill shstart.exe?
LocalSystem account has more privilegies then administrator's one.
If you've already got Administrator, you can just run at <time> /interactive "cmd.exe" and get a shell as SYSTEM.
Current thread:
- Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation ss_team (Dec 04)
- <Possible follow-ups>
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Steve Shockley (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Ansgar -59cobalt- Wiechers (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Thor (Hammer of God) (Dec 05)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 06)