[37555] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Privilege escalation flaw in MDaemon 7.2.

daemon@ATHENA.MIT.EDU (Reed Arvin)
Mon Nov 29 22:55:08 2004

Date: 29 Nov 2004 15:46:01 -0000
Message-ID: <20041129154601.17078.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Reed Arvin <reedarvin@gmail.com>
To: bugtraq@securityfocus.com

Summary:
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com).

Details:
A privilege escalation technique can be used to gain SYSTEM level access while interacting with the MDaemon tray icon.

Vulnerable Versions:
MDaemon 7.2

Solutions:
The vendor was notified of the issue. There was no response.

Exploit:
1. Double click on the mail icon in the Taskbar to open the Alt-N MDaemon Pro window.
2. Click File, click New
3. Notepad should open.  In Notepad click File, click Open
4. In the Files of type: field choose All Files
5. Navagate to %WINDIR%\System32\
6. Right click cmd.exe and choose Open
7. A new command shell will open with SYSTEM privileges

Discovered by Reed Arvin reedarvin[at]gmail[dot]com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[37555] in bugtraq

Privilege escalation flaw in MDaemon 7.2.

daemon@ATHENA.MIT.EDU (Reed Arvin)Mon Nov 29 22:55:08 2004

daemon@ATHENA.MIT.EDU (Reed Arvin)
Mon Nov 29 22:55:08 2004