
Local privilege escalation vulnerability in Trustport security software






ShineShadow Security Report 28092009-10

TITLE

Local privilege escalation vulnerability in Trustport security software

BACKGROUND

TrustPort is a major producer of software solutions for secure communication and reliable data protection. TrustPort products are characterized by a comprehensive approach to security of both computers and computer networks, protecting against known threats, whilst effectively facing new dangers. They excel in several security areas including antivirus technology, antispam methods, and encryption technology.

Source: http://www.trustport.com

VULNERABLE PRODUCTS

TrustPort Antivirus 2.8.0.2265
TrustPort Antivirus Business 2.8.0.2265
TrustPort PC Security 2.0.0.1290
TrustPort PC Security Business 2.0.0.1290

Previous versions may also be affected

DETAILS

Trustport installs its own program files with insecure permissions (Everyone - Full Control). A local attacker (an unprivileged user) can replace some of these files, including the executable files of Trustport services, with malicious files and execute arbitrary code with SYSTEM privileges.
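
One way to check a host for the permission problem described above, as an added example that is not part of the original advisory or of any TrustPort tooling: a read-only PowerShell audit that lists service executables whose ACL grants write-type rights to broad groups such as Everyone. The function names and the choice of SIDs and rights are assumptions made for this example.

```powershell
# Added example: read-only audit, not code from the advisory or from TrustPort.
# Flags service executables whose ACL lets broad, unprivileged groups replace them.

# Rights that permit overwriting, deleting or re-permissioning a file.
$risky = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'

# Well-known SIDs (locale-independent) of groups that include ordinary local users.
$broadSids = @(
    'S-1-1-0'       # Everyone
    'S-1-5-11'      # Authenticated Users
    'S-1-5-32-545'  # BUILTIN\Users
    'S-1-5-4'       # INTERACTIVE
)

function Get-ServiceImagePath {
    param([string]$PathName)
    # Win32_Service.PathName may be quoted and may carry arguments.
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return $null
}

function Test-WeakFileAcl {
    param([string]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType)
    foreach ($ace in $rules) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($broadSids -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $risky) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Sid       = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $exe = Get-ServiceImagePath $svc.PathName
    if ($exe -and (Test-Path -LiteralPath $exe)) {
        Test-WeakFileAcl -Path $exe |
            Select-Object @{ n = 'Service'; e = { $svc.Name } }, Path, Sid, Rights, Inherited
    }
}
```

Test-WeakFileAcl also accepts a directory path, which matters because a writable installation folder allows file replacement even when the executable's own ACL is tight.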

EXPLOITATION

This is a local privilege escalation vulnerability. An attacker must have valid logon credentials to a system where the vulnerable software is installed.

WORKAROUND

Trustport has addressed this vulnerability by releasing fixed versions of the vulnerable products:
TrustPort Antivirus 2.8.0.2266
TrustPort Antivirus Business 2.8.0.2266
TrustPort PC Security 2.0.0.1291
TrustPort PC Security Business 2.0.0.1291

You can download them from the vendor website:
http://www.trustport.com/en/download

DISCLOSURE TIMELINE

16/08/2009 Initial vendor notification
17/08/2009 Vendor response
17/08/2009 Vulnerability details sent
18/08/2009 Vendor response that this security problem is known and will be solved in the next version of product
18/08/2009 Query for full list of the vulnerable software and planned release date of the fix. No reply.
24/08/2009 Resend query.
25/08/2009 Vendor provided requested information
09/09/2009 Vendor released the fixed versions of products
10/09/2009 I notified the vendor that the vulnerability had not been fixed. The released update only mitigated the vulnerability but did not remove it.
11/09/2009 Vendor agreed and promised to release new fix as soon as possible
24/09/2009 Vendor released new fixed versions of its products
28/09/2009 Advisory released

CREDITS

Maxim A. Kulakov (aka ShineShadow)
ss_contacts[at]hotmail.com
