Exploit Microworld eScan (Multiple Products) - Local Privilege Escalation

Exploiter

18 Dec 2022
EDB-ID
30546
EDB verification
  1. Passed
Author
EDI STROSAR
Vulnerability type
LOCAL
Platform
WINDOWS
CVE
CVE-2007-4649
Publication date
2007-08-30
Code:
source: https://www.securityfocus.com/bid/25493/info

Multiple MicroWorld eScan products are vulnerable to a local privilege-escalation vulnerability because of insecure default file permissions.

Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers.

The following are vulnerable:

eScan Internet Security 9.0.722.1
eScan Virus Control 9.0.722.1
eScan AntiVirus 9.0.722.1

UPDATE (September 4, 2008): The following additional products have been reported as vulnerable:

eScan Corporate 9.0.x
eScan Professional 9.0.x
eScan Workstation Server 9.0.x
eScan Web and Mail Filter 9.0.x
MailScan for Mail-Server 5.6a
MailScan for SMTP Server 5.6a
X-Spam for SMTP Servers 5.6a

Other versions and software packages may also be affected. 

- log on as a LUA user
- rename traysser.exe to traysser.exe.BAK
- copy program.exe to eScan installation directory
- rename program.exe to traysser.exe
- restart the computer
- "rootshell" ;)

NOTE: traysser.exe is the eScan Server Updater Service, which
runs as NT AUTHORITY\SYSTEM.
 
Source
www.exploit-db.com
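
The root cause described above is a service executable running as NT AUTHORITY\SYSTEM inside a directory that low-privileged users can modify. The following audit script is an added example, not part of the original advisory or of any eScan tooling. It lists LocalSystem services whose binary or parent directory grants write-type rights to non-administrative principals. The function name `Get-WeakAce` and the choice of trusted SIDs are assumptions made for illustration.

```powershell
# Added example (not from the advisory): flag LocalSystem services whose binary,
# or the directory holding it, is modifiable by anyone other than SYSTEM,
# Administrators or TrustedInstaller. Assumes Windows PowerShell 5.1 or later.
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that allow overwriting, renaming, deleting or re-ACLing a file, or adding
# and removing directory entries, plus the raw GENERIC_WRITE and GENERIC_ALL bits.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$mask   = [int]$rights -bor 0x40000000 -bor 0x10000000

function Get-WeakAce {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path -ErrorAction SilentlyContinue
    if (-not $acl) { return }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to this object.
        if ($ace.PropagationFlags.HasFlag([System.Security.AccessControl.PropagationFlags]::InheritOnly)) { continue }
        if (-not ([int]$ace.FileSystemRights -band $mask)) { continue }
        try   { $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value }
        catch { $sid = $ace.IdentityReference.Value }  # unresolvable: keep raw name
        if ($trusted -notcontains $sid) {
            [pscustomobject]@{ Path = $Path; Identity = $ace.IdentityReference.Value; Rights = $ace.FileSystemRights }
        }
    }
}

Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartName -match '^(LocalSystem|NT AUTHORITY\\SYSTEM)$' -and $_.PathName } |
    ForEach-Object {
        $svc = $_.Name
        # PathName may be quoted and may carry arguments; keep only the executable.
        if ($_.PathName -match '^\s*"([^"]+)"' -or $_.PathName -match '^\s*(.+?\.exe)') {
            $exe = $Matches[1]
            foreach ($target in @($exe, (Split-Path -Path $exe -Parent))) {
                Get-WeakAce -Path $target |
                    Select-Object @{ n = 'Service'; e = { $svc } }, Path, Identity, Rights
            }
        }
    } | Sort-Object Service, Path, Identity -Unique | Format-Table -AutoSize -Wrap
```

An empty result means no principal outside the trusted list holds write-type rights on those paths; each row returned is an ACL entry to tighten or a vendor update to apply.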