| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Sep 2004 05:04:09 +0200 (CEST) From: bashis <mcw@....se> To: francis.favorini@...e.edu (Francis Favorini) Cc: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com Subject: Re: RE: McAfee VirusScan Privilege Escalation Vulnerability > > bashis [mailto:mcw@....se] wrote... > > There is a trick to get SYSTEM shell in VirusScan Enterprise > > 7.1.0 and the 'brand' new version 8.0.0 also. > > > > Do a new task, for a example "Update" and choose a program to > > run after the task, do this task to run with a schedule, > > efter this task is done the chosen program is running with > > SYSTEM priviligies. > > In my experience, non-admin users cannot add or edit tasks on VirusScan > Enterprise 7.1 (on Win XP). In fact they cannot change any settings. They > can only start an existing scan or update task. Perhaps you have relaxed > permissions on HKLM\Software\Network Associates\TVD? Ours are set to Read > for the Users group (inherited from HKLM\Software). Or maybe your users are > running as Power Users? Also, you can set a password on the user interface > to prevent changing the settings of your choice. Yes, you have right. Sorry for my noice. Have a nice day /bashis _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists