NOD32 local privilege escalation vulnerability

Discussion in 'Forum for discussion of ANTICHAT' started by NeMiNeM, 7 Apr 2006.

  1. NeMiNeM

    NeMiNeM Elder - Старейшина

    Joined:
    22 Aug 2005
    Messages:
    480
    Likes Received:
    307
    Reputations:
    201
    NOD32 local privilege escalation vulnerability

    Not affected: > Version 2.51.26
    Tested on: Winxp sp2
    Risk: Average

    To escalate the system privilage, the option 'quarentine a file' in NOD32 can be exploited & a malicious file can be copied to the quarentine and using the 'restore to...' option it can be dropped to the directory in which the STSTEM user just had read-only permession.

    Note: from lower privilege, this trick can write a file to any directory in which the user has read-only access to but can't overwrite a file if the file-name already exists.

    Vendor Website: www.eset.com
    Vender reported: Mar 24, 2006
    Patch release: Apr 4, 2006 (Version 2.51.26)

    POC video & detail description: http://bipin.securityhead.com/NOD32.zip

    --

    Bipin Gautam
    http://bipin.tk

    --
    www.securityfocus.com
     
    2 people like this.
Loading...
Similar Threads - NOD32 local privilege
  1. d0min
    Replies:
    1
    Views:
    4,725
  2. bxN5
    Replies:
    1
    Views:
    4,582