Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation

No description provided by source. South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/01/28 12:0 a.m.20 views

WebDrive缺少安全描述符本地权限提升漏洞

BUGTRAQ ID: 37955 CVE ID: CVE-2009-4606 WebDrive是Windows化的文件传输软件,可将FTP服务器设置为硬盘盘符。 WebDrive所安装的WebDrive服务没有设置安全描述符,本地用户可以通过stop命令终止服务、使用config命令修改binPath变量并执行任意命令,或通过start命令重启服务。 South River Technologies WebDrive 9.02 厂商补丁: South River Technologies ------------------------...

7.2CVSS6.4AI score0.008EPSS
Exploits2
Packet Storm
Packet Storm
added 2010/01/27 12:0 a.m.34 views

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River...

7.2CVSS0.3AI score0.008EPSS
Exploits2
CVE
CVE
added 2010/01/13 11:0 a.m.40 views

CVE-2009-4606

South River Technologies WebDrive 9.02 build 2232 is vulnerable to a local privilege escalation due to the WebDrive Service being installed without a security descriptor. An attacker with local access can stop the service, modify the binPath via config to execute arbitrary commands as SYSTEM, or ...

7.2CVSS7.4AI score0.008EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder