Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12093
HistoryApr 05, 2006 - 12:00 a.m.

NOD32 local privilege escalation vulnerability

2006-04-0500:00:00
vulners.com
9
JSON

NOD32 local privilege escalation vulnerability

Not affected: > Version 2.51.26
Tested on: Winxp sp2
Risk: Average

To escalate the system privilage, the option 'quarentine a file' in NOD32 can be exploited & a malicious file can be copied to the quarentine and using the 'restore to…' option it can be dropped to the directory in which the STSTEM user just had read-only permession.

Note: from lower privilege, this trick can write a file to any directory in which the user has read-only access to but can't overwrite a file if the file-name already exists.

Vendor Website: www.eset.com
Vender reported: Mar 24, 2006
Patch release: Apr 4, 2006 (Version 2.51.26)

POC video & detail description: http://bipin.securityhead.com/NOD32.zip

–

Bipin Gautam
http://bipin.tk

JSON