lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <200409160304.i8G349DP018454@ns.wcd.se>
From: mcw at wcd.se (bashis)
Subject: RE: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability

> 
> bashis [mailto:mcw@....se] wrote...
> > There is a trick to get SYSTEM shell in VirusScan Enterprise 
> > 7.1.0 and the 'brand' new version 8.0.0 also.
> > 
> > Do a new task, for a example "Update" and choose a program to 
> > run after the task, do this task to run with a schedule, 
> > efter this task is done the chosen program is running with 
> > SYSTEM priviligies.
> 
> In my experience, non-admin users cannot add or edit tasks on VirusScan
> Enterprise 7.1 (on Win XP).  In fact they cannot change any settings.  They
> can only start an existing scan or update task.  Perhaps you have relaxed
> permissions on HKLM\Software\Network Associates\TVD?  Ours are set to Read
> for the Users group (inherited from HKLM\Software).  Or maybe your users are
> running as Power Users?  Also, you can set a password on the user interface
> to prevent changing the settings of your choice.

Yes, you have right. Sorry for my noice.

Have a nice day
/bashis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ