Re: Privilege escalation in McAfee VirusScanEnterprise 8.0i (patch 11) and CMA 3.5 (patch 5)

[Reed Arvin <reedarvin () gmail com>]

Sir,

Although the exploitation technique was already known I am sure that
others are happy to know about the vulnerability. And I assure you
that I did not waste my time.

Apparently you have strong feelings about my post. I apologize if I
have offended you in some way. This will be my last reply.

Best regards and happy holidays.

On 12/22/05, Steven Rakick <stevenrakick () yahoo com> wrote:
> Hi Reed,
>
> I'm unable to verify that. I'm sure someone else will.
>
> Regardless, as indicated by the previous Full-Disclosure posting by Pretty
> Vacant, the behavior you're speaking about has been known for years. Sorry
> you wasted your time.
>
> It's clear you were unaware of the previous research. You must have thought
> it was pretty important, considering how many lists you cross posted to.
>
> Thanks for your efforts.
>
>
> Reed Arvin <reedarvin () gmail com> wrote:
> Sir,
>
> On Windows 2000 operating systems the default permissions for the root
> of the OS drive is Everyone/Full Control. However, with Microsoft
> operating systems newer than Windows 2000 administrative privileges
> are necessary. Thank you for your comment.
>
> Regards,
> Reed
>
> On 12/22/05, Steven Rakick wrote:
> > See:
> http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033909.html
> > It's not a vulnerability as it requires administrative privs in the first
> > place.
> >
> >
> >
> >
> >
> >
> > ________________________________
> > Yahoo! DSL Something to write home about. Just $16.99/mo. or less
>
>
>
>
>  ________________________________
>  Yahoo! DSL Something to write home about. Just $16.99/mo. or less
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/