Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Privilege escalation flaw in MDaemon 7.2.

from [Kevin Finisterre] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Privilege escalation flaw in MDaemon 7.2.
Date: Mon, 29 Nov 2004 14:18:59 -0500
I discovered and reported this to the vendor over a year ago... the vendor did not respond to me either. Now thats service with a smile. =]
-KF

Reed Arvin wrote: 
Summary:
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com).

Details:
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the MDaemon tray icon.

Vulnerable Versions:
MDaemon 7.2

Solutions:
The vendor was notified of the issue. There was no response.

Exploit:
1. Double click on the mail icon in the Taskbar to open the Alt-N
MDaemon Pro window.
2. Click File, click New
3. Notepad should open.  In Notepad click File, click Open
4. In the Files of type: field choose All Files
5. Navagate to %WINDIR%\System32\
6. Right click cmd.exe and choose Open
7. A new command shell will open with SYSTEM privileges

Discovered by Reed Arvin reedarvin[at]gmail[dot]com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  AW: [Full-Disclosure] Is www.sco.com hacked?, Robert Marquardt
Next by Date:  [Full-Disclosure] Buffer overlow in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 and prior versions., Reed Arvin
Previous by Thread:  [Full-Disclosure] Privilege escalation flaw in MDaemon 7.2., Reed Arvin
Next by Thread:  [Full-Disclosure] [SECURITY] [DSA 602-1] New libgd2 packages fix arbitrary code execution, debian-security-announce
Indexes:  [Date] [Thread] [Top] [All Lists]