lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <80115b69041129074449f5efdf@mail.gmail.com>
From: reedarvin at gmail.com (Reed Arvin)
Subject: Privilege escalation flaw in MDaemon 7.2.

Summary:
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com).

Details:
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the MDaemon tray icon.

Vulnerable Versions:
MDaemon 7.2

Solutions:
The vendor was notified of the issue. There was no response.

Exploit:
1. Double click on the mail icon in the Taskbar to open the Alt-N
MDaemon Pro window.
2. Click File, click New
3. Notepad should open.  In Notepad click File, click Open
4. In the Files of type: field choose All Files
5. Navagate to %WINDIR%\System32\
6. Right click cmd.exe and choose Open
7. A new command shell will open with SYSTEM privileges

Discovered by Reed Arvin reedarvin[at]gmail[dot]com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ