Dailydave mailing list archives
Bad Medicine
From: Alex McGeorge <alexm () immunityinc com>
Date: Wed, 27 Apr 2011 12:12:58 -0400
Hello DD, Vulnerabilities in defense oriented software are always kind of funny (CVE-2005-3252, CVE-2007-3302, CVE-2010-3189, etc). Some people even make a sport of it (http://bit.ly/144o2C). Well it's time to refill the chuckle trough because our good friends over at GLEG.net, who you know from their recent SCADA exploit shenanigans, have added an exploit for an arbitrary command execution in Symantec anti-virus to CANVAS via their Agora exploit pack. This vulnerability has been out since August of 2010 but I'm willing to wager a non-trivial portion of anti-virus admins only care if their definitions are up to date. So this could be fun when you find yourself in the soft nougat center of a network. A little python scripting work and you've got yourself local admin accounts across an enterprise. Here's a video demo for your perusal: http://partners.immunityinc.com/movies/gleg-symantecams.zip Pricing and purchasing questions can be sent to: sales () immunityinc com Cheers, -AlexM -- Alex McGeorge Immunity Inc. 1130 Washington Avenue 8th Floor Miami Beach, Florida 33139 P: 786.220.0600 _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Bad Medicine Alex McGeorge (Apr 27)