what you don't know can hurt you

antivirNotepad.txt

antivirNotepad.txt
Posted Mar 12, 2006
Authored by Ramon Kukla

AntiVir Personal Edition Classic version 7 suffers from a local privilege escalation issue due to launching notepad.exe with SYSTEM privileges.

tags | advisory, local
MD5 | b1d3df71ca414fb4d85a729575c764c7

antivirNotepad.txt

Change Mirror Download
Application: AntiVir PersonalEdition Classic
Site: http://www.free-av.de/
Version: 7 and maybe lower
OS: Windows XP, Windows 2000
Bugs: Local Privilige Escalation


Product:
=====
AntiVir PersonalEdition Classic Windows from Avira GmbH protects your
computer from viruses, malware, unwanted programs and other dangers.


About:
=====
A few days ago I discovered a little 'Local Privilege Escalation' Bug
in the current version of AntiVir PersonalEdition Classic.


Description:
=====
Part of AntiVir PersonalEdition Classic is a service called 'AntiVir
PersonalEdition Classic Planer' which runs with SYSTEM rights. If you
start the update process using the GUI, AntiVir will show you a status
window. After finishing the process AntiVir offers you a report. Open
the report using the button 'Report' and AntiVir will open the report
in the well known application 'notepad.exe'. Well, since the update was
initiated by the service 'AntiVir PersonalEdition Classic Planer',
which runs with SYSTEM rights, notepad.exe inherits these rights now.
Use 'notepad.exe' to *run* 'compmgmt.msc' for example and...
Well, you know what might happen now.


History:
=====
2006-03-04: Found the Bug and mailed Vendor
2006-03-05: Response from vendor, checking the problem
2006-03-09: Response from vendor, fix is on the way.



ports

--
SYS 64767

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    17 Files
  • 23
    Mar 23rd
    1 Files
  • 24
    Mar 24th
    1 Files
  • 25
    Mar 25th
    16 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close