Vigil@nce - Symantec Enterprise Security Manager: privilege escalation via a search path
December 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can manage a search path used by Symantec
Enterprise Security Manager, in order to make it execute arbitrary
machine code under privileged account.
Impacted products: Symantec ESM
Severity: 2/4
Creation date: 14/12/2012
DESCRIPTION OF THE VULNERABILITY
A local attacker can manage a search path used by Symantec
Enterprise Security Manager, in order to make it execute arbitrary
machine code under privileged account.
Technicals details are unknown. One may suppose that a search path
for programs or libraries depend on user controlled data, which
would allow the attacker to make the product load some programs
from a user writable directory, instead of only product
installation directories.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN