mdaemon72.txt

2004-12-11T00:00:00
ID PACKETSTORM:35207
Type packetstorm
Reporter Reed Arvin
Modified 2004-12-11T00:00:00

Description

                                        
                                            `Summary:  
A privilege escalation flaw exists in MDaemon 7.2 (http://www.mdaemon.com).  
  
Details:  
A privilege escalation technique can be used to gain SYSTEM level  
access while interacting with the MDaemon tray icon.  
  
Vulnerable Versions:  
MDaemon 7.2  
  
Solutions:  
The vendor was notified of the issue. There was no response.  
  
Exploit:  
1. Double click on the mail icon in the Taskbar to open the Alt-N  
MDaemon Pro window.  
2. Click File, click New  
3. Notepad should open. In Notepad click File, click Open  
4. In the Files of type: field choose All Files  
5. Navagate to %WINDIR%\System32\  
6. Right click cmd.exe and choose Open  
7. A new command shell will open with SYSTEM privileges  
  
Discovered by Reed Arvin reedarvin[at]gmail[dot]com  
  
`