lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 22 Aug 2007 20:29:51 +0400
Subject: Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client


 It looks like duplicated for CVE-2005-2454 and should be fixed in Lotus
 Notes client 7.0.2, see

 Please specify Notes client version.

--Wednesday, August 22, 2007, 2:25:28 PM, you wrote to

kvgc> Local Privilege Escalation Through Default ntmulti.exe File Permissions

kvgc> Unprivileged users can execute arbitrary programs that run
kvgc> with the privileges of the LocalSystem account by replacing the
kvgc> Multi-user Cleanup Service executable with arbitrary executables.
kvgc> This vulnerability exists because the default file permissions
kvgc> assigned during installation to ntmulti.exe (the executable for
kvgc> the Multi-user Cleanup Service) allow unprivileged, interactive
kvgc> users to replace ntmulti.exe with any file.

kvgc> Because the Multi-user Cleanup Service is a Windows service
kvgc> running with LocalSystem privileges, unprivileged users can easily
kvgc> elevate their privileges.


Powered by blists - more mailing lists