| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <E525222439A3D111B5F600609712CBEDA25396@mail.biac.duke.edu> Date: Wed, 15 Sep 2004 19:14:51 -0400 From: Francis Favorini <francis.favorini@...e.edu> To: "'mcw@....se'" <mcw@....se>, bugtraq@...urityfocus.com Cc: full-disclosure@...ts.netsys.com Subject: RE: McAfee VirusScan Privilege Escalation Vulnerability [iDEFENSE] bashis [mailto:mcw@....se] wrote... > There is a trick to get SYSTEM shell in VirusScan Enterprise > 7.1.0 and the 'brand' new version 8.0.0 also. > > Do a new task, for a example "Update" and choose a program to > run after the task, do this task to run with a schedule, > efter this task is done the chosen program is running with > SYSTEM priviligies. In my experience, non-admin users cannot add or edit tasks on VirusScan Enterprise 7.1 (on Win XP). In fact they cannot change any settings. They can only start an existing scan or update task. Perhaps you have relaxed permissions on HKLM\Software\Network Associates\TVD? Ours are set to Read for the Users group (inherited from HKLM\Software). Or maybe your users are running as Power Users? Also, you can set a password on the user interface to prevent changing the settings of your choice. -Francis _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists