Back to list
Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation
Dec 04 2006 04:28PM
ss_team (ssteam pl gmail com)
we've found local privilege escalation in Symantec LiveState agent.
1. kill shstart.exe process
2. from symantec livestate agent icon in systray choose "Web Self-Service"
3. New browser window will open, it is running with SYSTEM privileges.
tested on fully patched Win XP SP2, Symantec LiveState agent 7.1
Credits: marc & shb
[ reply ]
Copyright 2010, SecurityFocus