Bugtraq mailing list archives
Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 5 Dec 2006 20:47:41 +0100
On 2006-12-05 eugeny gladkih wrote:
"MS" == Michael Scheidell <scheidell () secnap net> writes:we've found local privilege escalation in Symantec LiveState agent. PoC: 1. kill shstart.exe processWouldn't you have to be administrator to kill shstart.exe?LocalSystem account has more privilegies then administrator's one.
So? As an administrator you can gain SYSTEM privileges at any time. This behaviour is by design. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation ss_team (Dec 04)
- <Possible follow-ups>
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Steve Shockley (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Ansgar -59cobalt- Wiechers (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation eugeny gladkih (Dec 05)
- Re: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Thor (Hammer of God) (Dec 05)
- RE: Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation Michael Scheidell (Dec 06)