Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15288
HistoryDec 05, 2006 - 12:00 a.m.

Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation

2006-12-0500:00:00
vulners.com
6

hello,

we've found local privilege escalation in Symantec LiveState agent.

PoC:

  1. kill shstart.exe process
  2. from symantec livestate agent icon in systray choose "Web Self-Service"
  3. New browser window will open, it is running with SYSTEM privileges.

tested on fully patched Win XP SP2, Symantec LiveState agent 7.1

Credits: marc & shb


http://ssteam.ath.cx