Vigil@nce - Symantec PGP/Encryption Desktop: privilege escalation via RDDService
August 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can store a malicious program in the PATH of
RDDService of Symantec PGP/Encryption Desktop, in order to
escalate his privileges.
Impacted products: Symantec Encryption Desktop, PGP Desktop
Severity: 2/4
Creation date: 02/08/2013
DESCRIPTION OF THE VULNERABILITY
The Symantec PGP Desktop and Symantec Encryption Desktop products
install the RDDService service.
However, this service calls an external command without using its
full access path.
A local attacker can therefore store a malicious program in the
PATH of RDDService of Symantec PGP/Encryption Desktop, in order to
escalate his privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN