BlackICE Help System Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID: 1015821
SecurityTracker URL: http://securitytracker.com/id?1015821
CVE Reference: CVE-2005-2711
Date: Mar 23 2006
Impact: Execution of arbitrary code via local system, Root access via local system
Vendor Confirmed: Yes
Advisory: iDEFENSE
Description: A vulnerability was reported in BlackICE. A local user can gain elevated privileges.
The software does not properly drop privileges when launching the help dialog. A local user can cause the Application Protection Module to display a warning, then select the "More Info" button, then press the F1 key, and select an arbitrary executable. The executable will run with System-level privileges.
The vendor was notified on August 23, 2005.
iDEFENSE reported this vulnerability.
The original advisory is available at:
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403
Impact: A local user can gain System-level privileges.
Solution: No solution was available at the time of this entry.
The vendor has issued a free replacement product (Proventia Server), which is not vulnerable.
Vendor URL: www.iss.net/
Cause: Access control error
Underlying OS: Windows (Any)
Message History:
None.
Source Message Contents
Date: Thu, 23 Mar 2006 18:06:39 -0500
Subject: BlackICE vulnerability
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403
CVE-2005-2711