[Full-Disclosure] Privilege escalation flaw in MDaemon 7.2.
reedarvin at gmail.com
Mon Nov 29 15:44:26 GMT 2004
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com).
A privilege escalation technique can be used to gain SYSTEM level
access while interacting with the MDaemon tray icon.
The vendor was notified of the issue. There was no response.
1. Double click on the mail icon in the Taskbar to open the Alt-N
MDaemon Pro window.
2. Click File, click New
3. Notepad should open. In Notepad click File, click Open
4. In the Files of type: field choose All Files
5. Navagate to %WINDIR%\System32\
6. Right click cmd.exe and choose Open
7. A new command shell will open with SYSTEM privileges
Discovered by Reed Arvin reedarvin[at]gmail[dot]com
Full-Disclosure is hosted and sponsored by Secunia.