|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Local Privilege Escalation Vulnerabilities in Lotus Notes Client
kochetkov.vladimir
gmail.com
Date: Wed Aug 22 2007 - 05:25:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Local Privilege Escalation Through Default ntmulti.exe File Permissions
Unprivileged users can execute arbitrary programs that run with the privileges of the LocalSystem account by replacing the Multi-user Cleanup Service executable with arbitrary executables. This vulnerability exists because the default file permissions assigned during installation to ntmulti.exe (the executable for the Multi-user Cleanup Service) allow unprivileged, interactive
users to replace ntmulti.exe with any file.
Because the Multi-user Cleanup Service is a Windows service running with LocalSystem privileges, unprivileged users can easily elevate their privileges.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]