[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1728881.20070822202951@SECURITY.NNOV.RU>
Date: Wed, 22 Aug 2007 20:29:51 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: kochetkov.vladimir@...il.com
Cc: bugtraq@...urityfocus.com
Subject: Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client
Dear kochetkov.vladimir@...il.com,
It looks like duplicated for CVE-2005-2454 and should be fixed in Lotus
Notes client 7.0.2, see
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
Please specify Notes client version.
--Wednesday, August 22, 2007, 2:25:28 PM, you wrote to bugtraq@...urityfocus.com:
kvgc> Local Privilege Escalation Through Default ntmulti.exe File Permissions
kvgc> Unprivileged users can execute arbitrary programs that run
kvgc> with the privileges of the LocalSystem account by replacing the
kvgc> Multi-user Cleanup Service executable with arbitrary executables.
kvgc> This vulnerability exists because the default file permissions
kvgc> assigned during installation to ntmulti.exe (the executable for
kvgc> the Multi-user Cleanup Service) allow unprivileged, interactive
kvgc> users to replace ntmulti.exe with any file.
kvgc> Because the Multi-user Cleanup Service is a Windows service
kvgc> running with LocalSystem privileges, unprivileged users can easily
kvgc> elevate their privileges.
--
~/ZARAZA http://securityvulns.com/
Powered by blists - more mailing lists