exe NT AUTHORITY\ SYSTEM :( I )( F ) BUILTIN\ Administrators :( I )( F ) BUILTIN\ Users :( I )( RX ) WIN - OOQCQK1QQ1L\ blubb :( I )( F ) APPLICATION PACKAGE AUTHORITY\ ALL APPLICATION PACKAGES :( I )( RX ) Everyone :( I )( F ) For further Screenshots and / or PoCs visit : http : // security.
PROOF - OF - CONCEPT ( Code / Exploit ) - c :\ Program Files\ Photodex\ ProShow Producer > icacls scsiaccess. Tested on : Microsoft Windows 7 Ultimate 64 Bit ( EN ) Microsoft Windows 8 Enterprise 32 Bit ( EN ) 5. A local attacker or compromised process is able to replace the original application binary with a malicious application which will be executed by a victim user or after a ScsiAccess service restart. Insecure file permissions on the executable file "scsiaccess.exe", which is used by the application service "ScsiAccess" under the SYSTEM account, may allow a less privileged user to gain access to SYSTEM privileges. VULNERABILITY DESCRIPTION - A local privilege escalation vulnerability has been identified in Photodex ProShow Producer v5. 0.3310, older versions may be affected too. VERSIONS AFFECTED - Photodex ProShow Producer v5. CREDITS - This vulnerability was discovered and researched by Julien Ahrens from Inshell Security. ADVISORY INFORMATION - Product : Photodex ProShow Producer Vendor URL : com Type : Incorrect Default Permissions Date found : 2013 - 03 - 18 Date published : 2013 - 03 - 19 CVSSv2 Score : 7, 2 ( AV : L / AC : L / Au : N / C : C / I : C / A : C ) CVE : - 2. # Exploit-DB Note: Vuln still in as well as 'Photodex ProShow Gold' Inshell Security Advisory http : // net 1.
0 kommentar(er)
