模板
教程
环境
性能
功能
管理
AltirisCarbonCopyRemoteControlLocalSYSTEMExploitation
发表于:2007-05-25来源:作者:点击数:
标签:
Summary Altiris Carbon Copy Solution "isn't your average remote control application it provides access from a Web browser". A locally exploitable vulnerability in the product allows attackers to gain SYSTEM privileges . Details Vulnerable
| Summary | |
| Altiris Carbon Copy Solution "isn't your average remote control application it provides aclearcase/" target="_blank" >ccess from a Web browser". | |
| Details | |
| Vulnerable Systems: * Carbon Copy Version version 6.0.5257 and prior Exploit: Start the Carbon Copy Service... CCSRVC.exe is running as SYSTEM. In the task bar you should see a little blue and white CC icon. Right click on it and choose show user interface. CCW32.exe will then be started with SYSTEM rights. Choose help then "carbon copy help topics"... right click on the right hand side of the help pane and choose "view source". You should get notepad.exe running as SYSTEM. Click File then open... browse to cmd.exe right click and open it. Now you have local SYSTEM. |
