Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

F-Secure BlackLight 2.2.1092 Local Privilege Escalation Vulnerability

🗓️ 14 Aug 2011 00:00:00Reported by Gjoko KrsticType 
zeroscience
 zeroscience🔗 www.zeroscience.mk👁 19 Views

F-Secure BlackLight 2.2.1092 Local Privilege Escalation Vulnerability - Improper Permission

Code
<html><body><p>F-Secure BlackLight 2.2.1092 Local Privilege Escalation Vulnerability


Vendor: F-Secure Corporation
Product web page: http://www.f-secure.com
                  http://www.f-secure.com/en_EMEA-Labs/security-threats/tools/blacklight/
Affected version: 2.2.1092

Summary: F-Secure BlackLight is a tool that detects files, folders and
processes hidden from the user and other programs. BlackLight is also
able to remove hidden malware by renaming them.

Desc: The rootkit eliminator is vulnerable to an elevation of privileges
vulnerability which can be used by a simple user that can change the
executable file with a binary of choice. The vulnerability exist due to
the improper permissions, with the 'C' flag (change/write) for the 'Everyone'
group, for the 'fsbl.exe' binary file.

Tested on: Microsoft Windows XP Professional SP3 (EN)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2011-5038
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5038.php


10.08.2011

--


C:\&gt;cacls fsbl.exe
C:\fsbl.exe BUILTIN\Administrators:F
            Everyone:C
            LABPC\User4:F
            NT AUTHORITY\SYSTEM:F

C:\&gt;
</p></body></html>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 Aug 2011 00:00Current
5.8Medium risk
Vulners AI Score5.8
f-secure blacklightprivilege escalationvulnerabilityelevation of privilegesimproper permissionsf-secure corporationwindows xpgjoko krsticzero science lab
19