BugTraq
Back to list
|
Post reply
Privilege escalation flaw in AClient Service for Windows (Version 5.6.181).
Nov 19 2004 06:10AM
Reed Arvin (reedarvin gmail com)
Summary:
A privilege escalation flaw exists in the AClient Service for Windows (Version 5.6.181) (http://www.altiris.com/).
Details:
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the AClient Service for Windows tray icon.
Vulnerable Versions:
Altiris Deployment Solution 5.6 SP1 (Hotfix E)
Solutions:
The vendor was notified of the issue. There was no technical response. The vendor will not give support without a support contract.
Exploit:
1. Right click on the Altiris Client Service icon in the Taskbar and choose View Log File
2. Notepad should open. Click File, click Open
3. In the Files of type: field choose All Files
4. Navagate to %WINDIR%\System325. Right click on cmd.exe and choose Open
6. A new command shell with launch with SYSTEM privileges
Discovered by Reed Arvin reedarvin[at]gmail[dot]com
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Summary:
A privilege escalation flaw exists in the AClient Service for Windows (Version 5.6.181) (http://www.altiris.com/).
Details:
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the AClient Service for Windows tray icon.
Vulnerable Versions:
Altiris Deployment Solution 5.6 SP1 (Hotfix E)
Solutions:
The vendor was notified of the issue. There was no technical response. The vendor will not give support without a support contract.
Exploit:
1. Right click on the Altiris Client Service icon in the Taskbar and choose View Log File
2. Notepad should open. Click File, click Open
3. In the Files of type: field choose All Files
4. Navagate to %WINDIR%\System325. Right click on cmd.exe and choose Open
6. A new command shell with launch with SYSTEM privileges
Discovered by Reed Arvin reedarvin[at]gmail[dot]com
[ reply ]