Internet Security Systems BlackICE PC Protection Upgrade File Permission Vulnerability
BlackICE PC Protection is reported to install various .ini files with insecure permissions after an upgrade. This may allow non-administrative users to modify or replace these files, facilitating other attacks. Because the files hold configuration information for the software, an unauthorized user who alters them could affect various security properties. The software also contains a buffer overrun in its parsing of various directives included in .ini files, as described in BID 9514. This additional issue could be exploited once the permissions have been lowered. It should be noted that exploitation of other latent vulnerabilities, such as those described in BID 8577, could create a situation where a remote attacker could place a hostile .ini file on the local file system that is designed to weaken the security provided by the software or to exploit the buffer overrun described in BID 9514. This issue has been reported to occur when the software is upgraded to version 3.6.cbz.
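
To check a host for the condition described above, list the .ini files whose ACLs grant write access to non-administrative principals. The PowerShell below is an added example, not part of the original advisory or any vendor tooling; `$InstallDir` is a placeholder because the advisory does not state the installation path, and the trusted-SID list is an assumption to adjust per site.

```powershell
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallDir   # placeholder: the advisory does not give the install path
)

$sidType = [System.Security.Principal.SecurityIdentifier]

# Principals expected to hold write access (assumption; adjust per site).
$trustedSids = @('S-1-5-18', 'S-1-5-32-544')   # SYSTEM, BUILTIN\Administrators

# Rights that allow altering or replacing a file, or rewriting its ACL.
$named = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can appear unmapped in ACEs.
$writeMask = [int]$named -bor 0x40000000 -bor 0x10000000

# The directory is included because write access there permits replacing a file.
$targets = @(Get-Item -LiteralPath $InstallDir) +
           @(Get-ChildItem -LiteralPath $InstallDir -Filter '*.ini' -File -Recurse)

$findings = foreach ($item in $targets) {
    $rules = (Get-Acl -LiteralPath $item.FullName).GetAccessRules($true, $true, $sidType)
    foreach ($ace in $rules) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        # Resolve the SID to a name for the report; keep the SID if it will not resolve.
        try   { $name = $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $name = $ace.IdentityReference.Value }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $name
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Sort-Object Path, Principal | Format-Table -AutoSize -Wrap
if ($findings) { exit 1 }   # non-zero exit lets a scheduled job flag the host
```

Running it before and after an upgrade shows whether the upgrade changed the ACLs; an empty result means only the trusted principals hold write access.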