Bugtraq mailing list archives
Re: Symantec LiveState Agent for Windows vulnerabi
From: eugeny gladkih <john () drweb com>
Date: Wed, 06 Dec 2006 00:24:46 +0300
"D" == Damjan <damjan () widesec com> writes:
we've found local privilege escalation in Symantec LiveState agent. PoC: 1. kill shstart.exe process
MS> Wouldn't you have to be administrator to kill shstart.exe?
LocalSystem account has more privilegies then administrator's one.
D> I don't think so. I think, SYSTEM account has less or same D> privileges than Administrator. Or? SeTCBPrivilege SeCreateTokenPrivilege -- Yours sincerely, Eugeny. Doctor Web, Ltd. http://www.drweb.com
Current thread:
- Re: Symantec LiveState Agent for Windows vulnerabi Damjan (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerabi eugeny gladkih (Dec 05)