Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | Symantec pcAnywhere Help Interface Yields SYSTEM Privileges to Users |
|---|
Categorie: Vulnerability
Posted: 2003-11-15 by ReCall
Views: 418
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: A vulnerability was reported in Symantec's pcAnywhere. A local user or a remote authenticated user can obtain SYSTEM privileges.
Secure Network Operations Strategic Reconnaissance Team reported that when pcAnywhere is started as a service (in service-mode, not in application-mode), a user can exploit a flaw in the help interface to gain SYSTEM privileges.
It is reported that a local user (or a remote authenticated user with access to the system tray) can open the help feature to start winhlp32. The user can then use the "File" command and "open" to browser for a '.hlp' file. Instead of selecting a '.hlp' file, the user can reportedly access various files with SYSTEM privileges.
In version 11, the hh.exe help interface can reportedly be exploited in a similar manner by selecting the "view source" option, yielding a Windows notepad session that has SYSTEM privileges.
[Editor's note: Symantec's advisory for this vulnerability will be posted in a separate Alert. The Symantec response says that the vulnerability cannot be exploited remotely, which appears to contradict the Secure Networks Operation advisory. We have asked Symantec for clarification.]
Impact: A local or remote authenticated user can gain SYSTEM privileges on the target system.
Solution: The vendor has released a fix, available via Live Update.
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=536
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
