exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Trustport Security Software Privilege Escalation

Trustport Security Software Privilege Escalation
Posted Sep 29, 2009
Authored by ShineShadow

TrustPort Antivirus version 2.8.0.2265, Antivirus Business version 2.8.0.2265, PC Security version 2.0.0.1290, and PC Security Business version 2.0.0.1290 suffer from a local privilege escalation vulnerability.

tags | advisory, local
SHA-256 | a03d13ef3d07de36c52c5c404d29288885fcc3dbeddbe2d172ec9c52bed2d620

Trustport Security Software Privilege Escalation

Change Mirror Download
ShineShadow Security Report 28092009-10

TITLE

Local privilege escalation vulnerability in Trustport security software

BACKGROUND

TrustPort is a major producer of software solutions for secure communication and reliable data protection. TrustPort products are characterized by a comprehensive approach to security of both computers and computer networks, protecting against known threats, whilst effectively facing new dangers. They excel in several security areas including antivirus technology, antispam methods, and encryption technology.

Source: http://www.trustport.com

VULNERABLE PRODUCTS

TrustPort Antivirus 2.8.0.2265
TrustPort Antivirus Business 2.8.0.2265
TrustPort PC Security 2.0.0.1290
TrustPort PC Security Business 2.0.0.1290

Previous versions may also be affected

DETAILS

Trustport installs the own program files with insecure permissions (Everyone - Full Control). Local attacker (unprivileged user) can replace some files (including executable files of Trustport services) by malicious files and execute arbitrary code with SYSTEM privileges.

EXPLOITATION

This is local privilege escalation vulnerability. An attacker must have valid logon credentials to a system where vulnerable software is installed.

WORKAROUND

Trustport has addressed this vulnerability by releasing fixed versions of the vulnerable products:
TrustPort Antivirus 2.8.0.2266
TrustPort Antivirus Business 2.8.0.2266
TrustPort PC Security 2.0.0.1291
TrustPort PC Security Business 2.0.0.1291

You can download it from the vendor website:
http://www.trustport.com/en/download

DISCLOSURE TIMELINE

16/08/2009 Initial vendor notification
17/08/2009 Vendor response
17/08/2009 Vulnerability details sent
18/08/2009 Vendor response that this security problem is known and will be solved in the next version of product
18/08/2009 Query for full list of the vulnerable software and planned release date of the fix. No reply.
24/08/2009 Resend query.
25/08/2009 Vendor provided requested information
09/09/2009 Vendor released the fixed versions of products
10/09/2009 I notified vendor that the vulnerability has not been fixed. The released update only mitigated vulnerability but did not remove it.
11/09/2009 Vendor agreed and promised to release new fix as soon as possible
24/09/2009 Vendor released new fixed versions of his products
28/09/2009 Advisory released

CREDITS

Maxim A. Kulakov (aka ShineShadow)
ss_contacts[at]hotmail.com
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close