11.29.04

Summary:
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com)

Details:
A privilege escalation technique can be used to gain SYSTEM level access while interacting with the MDaemon tray icon.

Vulnerable Versions:
MDaemon 7.2

Patches/Workarounds:
The vendor was notified of the issue. There was no response.

Exploits:

1. Double click on the mail icon in the Taskbar to open the Alt-N MDaemon Pro
   window.

2. Click File, click New

3. Notepad should open. In Notepad click File, click Open

4. In the Files of type: field choose All Files

5. Navagate to %WINDIR%\System32\

6. Right click cmd.exe and choose Open

7. A new command shell will open with SYSTEM privileges.

Discovered by Reed Arvin reedarvin[at]gmail[dot]com
(http://reedarvin.thearvins.com/)