[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] RE: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability
- To: francis.favorini@xxxxxxxx (Francis Favorini)
- Subject: Re: [Full-Disclosure] RE: [Bugtraq] McAfee VirusScan Privilege Escalation Vulnerability
- From: bashis <mcw@xxxxxx>
- Date: Thu, 16 Sep 2004 05:04:09 +0200 (CEST)
>
> bashis [mailto:mcw@xxxxxx] wrote...
> > There is a trick to get SYSTEM shell in VirusScan Enterprise
> > 7.1.0 and the 'brand' new version 8.0.0 also.
> >
> > Do a new task, for a example "Update" and choose a program to
> > run after the task, do this task to run with a schedule,
> > efter this task is done the chosen program is running with
> > SYSTEM priviligies.
>
> In my experience, non-admin users cannot add or edit tasks on VirusScan
> Enterprise 7.1 (on Win XP). In fact they cannot change any settings. They
> can only start an existing scan or update task. Perhaps you have relaxed
> permissions on HKLM\Software\Network Associates\TVD? Ours are set to Read
> for the Users group (inherited from HKLM\Software). Or maybe your users are
> running as Power Users? Also, you can set a password on the user interface
> to prevent changing the settings of your choice.
Yes, you have right. Sorry for my noice.
Have a nice day
/bashis
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html