Reed Arvin # Published Advisories

# Latest News
# Published Advisories
# Security Tools
# Professional Resume
# Personal BLOG

Published Advisories

11.19.04

Summary:
A privilege escalation flaw exists in AClient Service for Windows (Version 5.6.181) (http://www.altiris.com/)

Details:
A privilege escalation technique can be used to gain SYSTEM level access while interacting with the AClient Service for Windows tray icon.

Vulnerable Versions:
AClient Service for Windows (Version 5.6.181)

Patches/Workarounds:
The vendor was notified of the issue. There was no technical response. The vendor will not give support without a support contract.

Exploits:

1. Right click on the Altiris Client Service icon in the Taskbar and choose
   View Log File

2. Notepad should open. Click File, click Open

3. In the Files of type: field choose All Files

4. Navagate to %WINDIR%\System32\

5. Right click on cmd.exe and choose Open

6. A new command shell with launch with SYSTEM privileges.

Discovered by Reed Arvin reedarvin[at]gmail[dot]com
(http://reedarvin.thearvins.com/)

reedarvin[at]gmail[dot]com