4 matches found
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation
No description provided by source. South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated...
WebDrive缺少安全描述符本地权限提升漏洞
BUGTRAQ ID: 37955 CVE ID: CVE-2009-4606 WebDrive是Windows化的文件传输软件,可将FTP服务器设置为硬盘盘符。 WebDrive所安装的WebDrive服务没有设置安全描述符,本地用户可以通过stop命令终止服务、使用config命令修改binPath变量并执行任意命令,或通过start命令重启服务。 South River Technologies WebDrive 9.02 厂商补丁: South River Technologies ------------------------...
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River...
CVE-2009-4606
South River Technologies WebDrive 9.02 build 2232 is vulnerable to a local privilege escalation due to the WebDrive Service being installed without a security descriptor. An attacker with local access can stop the service, modify the binPath via config to execute arbitrary commands as SYSTEM, or ...