> -----Original Message----- > From: ss_team [mailto:ssteam.pl@xxxxxxxxx] > Sent: Monday, December 04, 2006 11:28 AM > To: bugtraq@xxxxxxxxxxxxxxxxx > Subject: Symantec LiveState Agent for Windows vulnerability - > Local Privilege Escalation > > > hello, > > we've found local privilege escalation in Symantec LiveState agent. > > PoC: > > 1. kill shstart.exe process Wouldn't you have to be administrator to kill shstart.exe? > 2. from symantec livestate agent icon in systray choose "Web > Self-Service" > 3. New browser window will open, it is running with SYSTEM privileges. > > tested on fully patched Win XP SP2, Symantec LiveState agent 7.1 > > > Credits: marc & shb > > > -- > http://ssteam.ath.cx >
