Dear Protek Research Lab, I have a deja-vu. http://securityvulns.ru/Odocument175.html Same problem existed since 2006. With same reaction (total ignorance) from Panda developers. --Saturday, October 31, 2009, 5:24:38 PM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx: PRL> ##################################################################################### PRL> Application: Panda Global Protection 2010 PRL> Panda Internet Security 2010 PRL> Platforms: Windows XP Professional SP & windows Vista SP1 PRL> Exploitation: Local Privilege Escalation PRL> Date: 2009-10-27 PRL> Author: Francis Provencher (Protek Research Lab's) PRL> PRL> ##################################################################################### PRL> 1) Introduction PRL> 2) Technical details PRL> 3) The Code (N/A) PRL> ##################################################################################### PRL> =============== PRL> 1) Introduction PRL> =============== PRL> Panda Global Protection 2010 PRL> Enjoy total security and ensure information integrity. PRL> Enjoy optimum security and safeguard your valuable data with PRL> Panda Global Protection 2010. It protects you from viruses, PRL> spyware, PRL> rootkits, hackers, online fraud, identity theft and all other PRL> Internet threats. The anti-spam engine will keep your inbox free PRL> from PRL> junk mail while the Parental Control feature ensures your PRL> children can use the Web safely. You can also back up important PRL> files PRL> (documents, music, photos, etc.) to a CD/DVD or online and PRL> restore them in case of accidental loss or damage. PRL> (from Panda security website) PRL> 2009-10-27 Contact vendor (No response) PRL> 2009-10-29 Contact vendor (No response) PRL> 2009-10-30 Contact Vendor (Three strikes...out!) PRL> ##################################################################################### PRL> ============================ PRL> 2) Technical details PRL> ============================ PRL> Panda Global Protection 2010 PRL> Build 3.01.00 PRL> Panda Internet Security 2010 PRL> Build 15.01.00 PRL> All files under the install folder have Full control access PRL> for everyone and can be replace with malicious files. PRL> ... snip ... PRL> C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe Everyone:F PRL> ... snip ... C:\>>WHOAMI.EXE PRL> FUZZYXP\test C:\>>telnet 127.0.0.1 4444 C:\>>WHOAMI.EXE PRL> WHOAMI.EXE PRL> AUTORITE NT\SYSTEM PRL> ##################################################################################### PRL> =========== PRL> 3) The Code PRL> =========== PRL> N\A PRL> ##################################################################################### PRL> (PRL-2009-15) PRL> PRL> __________________________________________________________________ PRL> Looking for the perfect gift? Give the gift of Flickr! PRL> http://www.flickr.com/gift/ -- Skype: Vladimir.Dubrovin ~/ZARAZA http://securityvulns.com/ Èáî ôàêòû åñòü ôàêòû, è èçëîæåíû îíè ëèøü äëÿ òîãî, ÷òîáû èõ ïîíÿëè è â íèõ ïîâåðèëè. (Òâåí)
