lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090928141322.17167.qmail@securityfocus.com>
Date: 28 Sep 2009 14:13:22 -0000
From: ss_contacts@...mail.com
To: bugtraq@...urityfocus.com
Subject: Local privilege escalation vulnerability in Trustport security
 software

ShineShadow Security Report 28092009-10

TITLE

Local privilege escalation vulnerability in Trustport security software 

BACKGROUND 

TrustPort is a major producer of software solutions for secure communication and reliable data protection. TrustPort products are characterized by a comprehensive approach to security of both computers and computer networks, protecting against known threats, whilst effectively facing new dangers. They excel in several security areas including antivirus technology, antispam methods, and encryption technology.

Source: http://www.trustport.com 

VULNERABLE PRODUCTS 

TrustPort Antivirus 2.8.0.2265
TrustPort Antivirus Business 2.8.0.2265
TrustPort PC Security 2.0.0.1290
TrustPort PC Security Business 2.0.0.1290

Previous versions may also be affected

DETAILS 

Trustport installs the own program files with insecure permissions (Everyone - Full Control). Local attacker (unprivileged user) can replace some files (including executable files of Trustport services) by malicious files and execute arbitrary code with SYSTEM privileges.

EXPLOITATION 

This is local privilege escalation vulnerability. An attacker must have valid logon credentials to a system where vulnerable software is installed.

WORKAROUND 

Trustport has addressed this vulnerability by releasing fixed versions of the vulnerable products:
TrustPort Antivirus 2.8.0.2266
TrustPort Antivirus Business 2.8.0.2266
TrustPort PC Security 2.0.0.1291
TrustPort PC Security Business 2.0.0.1291

You can download it from the vendor website:
http://www.trustport.com/en/download

DISCLOSURE TIMELINE 

16/08/2009 Initial vendor notification
17/08/2009 Vendor response 
17/08/2009 Vulnerability details sent
18/08/2009 Vendor response that this security problem is known and will be solved in the next version of product
18/08/2009 Query for full list of the vulnerable software and planned release date of the fix. No reply.
24/08/2009 Resend query.
25/08/2009 Vendor provided requested information
09/09/2009 Vendor released the fixed versions of products
10/09/2009 I notified vendor that the vulnerability has not been fixed. The released update only mitigated vulnerability but did not remove it.
11/09/2009 Vendor agreed and promised to release new fix as soon as possible
24/09/2009 Vendor released new fixed versions of his products
28/09/2009 Advisory released

CREDITS 

Maxim A. Kulakov (aka ShineShadow) 
ss_contacts[at]hotmail.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ