Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| Symantec LiveUpdate NetDetect Scheduled Task Lets Local Users Gain Elevated Privileges |
|---|
Categorie: Vulnerability
Posted: 2004-12-15 by ReCall
Views: 379
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: A vulnerability was reported in Symantec's LiveUpdate. A local user may be able to gain elevated privileges on the target system.
Symantec reported that, depending on the system configuration, a local user may be able to manipulate the Symantec Windows LiveUpdate GUI while the scheduled NetDetect task is running to gain administrative privileges on the target system. The report indicates that the Internet options configuration functionality can be modified during this time.
The vulnerable LiveUpdate component (prior to version 2.5) is included within:
Symantec Norton SystemWorks 2001-2004
Symantec Norton AntiVirus and Pro 2001-2004
Symantec Norton Internet Security and Pro 2001-2004
Symantec AntiVirus for Handhelds Retail and Corporate Edition v3.0
Symantec credits Secure Network Operations with reporting this flaw.
Impact: A local user may be able to gain administrative privileges on the target system.
Solution: The vendor has issued a fixed version of LiveUpdate (2.5), available via LiveUpdate.
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1205
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
