<<< Date Index >>>     <<< Thread Index >>>

Symantec LiveState Agent for Windows vulnerability - Local Privilege Escalation



hello,

we've found local privilege escalation in Symantec LiveState agent.

PoC:

1. kill shstart.exe process
2. from symantec livestate agent icon in systray choose "Web Self-Service"
3. New browser window will open, it is running with SYSTEM privileges.

tested on fully patched Win XP SP2, Symantec LiveState agent 7.1


Credits: marc & shb


--
http://ssteam.ath.cx