Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > bugtraq > 07 > 080840.html (Request Expert securityfocus.com Support)

Re: Local Privilege Escalation Vulnerabilities in Lotus Notes Client

From: 3APA3A <3APA3A(at)SECURITY.NNOV.RU>
Date: Wed Aug 22 2007 - 12:29:51 EDT


Dear kochetkov.vladimir@gmail.com,

 It looks like duplicated for CVE-2005-2454 and should be fixed in Lotus  Notes client 7.0.2, see

 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773

 Please specify Notes client version.

--Wednesday, August 22, 2007, 2:25:28 PM, you wrote to bugtraq@securityfocus.com:

kvgc> Local Privilege Escalation Through Default ntmulti.exe File Permissions 

kvgc> Unprivileged users can execute arbitrary programs that run
kvgc> with the privileges of the LocalSystem account by replacing the
kvgc> Multi-user Cleanup Service executable with arbitrary executables.
kvgc> This vulnerability exists because the default file permissions
kvgc> assigned during installation to ntmulti.exe (the executable for
kvgc> the Multi-user Cleanup Service) allow unprivileged, interactive
kvgc> users to replace ntmulti.exe with any file.

kvgc> Because the Multi-user Cleanup Service is a Windows service
kvgc> running with LocalSystem privileges, unprivileged users can easily kvgc> elevate their privileges.

--

~/ZARAZA http://securityvulns.com/ Received on Wed Aug 22 12:42:35 2007

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:13:06 EDT

Do you need help?X
Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library