0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Telefonica O2 Connection Manager 3.4 Local Privilege Escalation
Telefonica O2 Connection Manager 3.4 Local Privilege Escalation Vulnerability Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 3.4.R1 (108) Summary: O2 Connection Manager will help you to manage your internet connections by getting you connected to the fastest available network. Automatically connect you to the fastest available network including your home broadband if you have a wireless router. Desc: O2 Connection Manager suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable files with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full) for 'Everyone' group, making the entire directory 'O2 Connection Manager' and its files and sub-dirs world-writable. Tested on: Microsoft Windows 7 Professional SP1 (EN) Microsoft Windows 7 Ultimate SP1 (EN) Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2014-5199 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5199.php 22.09.2014 --- ========================================================================== Arguments Used: Filename = "C:\Program Files (x86)\O2CM-CE\O2 Connection Manager" ************************************************************************** Directory: C:\Program Files (x86)\O2CM-CE\O2 Connection Manager Permissions: Type Username Permissions Inheritance Allowed \Everyone Full Control This Folder Only Allowed \Everyone Special (Unknown) Files Only Allowed BUILTIN\Administrators Special (DCBA654321) This Folder and Files Allowed NT SERVICE\TrustedInsta Full Control This Folder Only Allowed NT SERVICE\TrustedInsta Special (Unknown) Subfolders only Allowed NT AUTHORITY\SYSTEM Full Control This Folder Only Allowed NT AUTHORITY\SYSTEM Special (Unknown) Subfolders and Files Allowed BUILTIN\Administrators Full Control This Folder Only Allowed BUILTIN\Administrators Special (Unknown) Subfolders and Files Allowed BUILTIN\Users Read and Execute This Folder Only Allowed BUILTIN\Users Special (Unknown) Subfolders and Files Allowed \CREATOR OWNER Special (Unknown) Subfolders and Files No Auditing set Owner: NT AUTHORITY\SYSTEM ************************************************************************** Operation Complete Elapsed Time: 0,234375 seconds. ========================================================================== Arguments Used: Filename = "C:\Program Files (x86)\O2CM-CE\O2 Connection Manager\tscui.exe" ************************************************************************** File: C:\Program Files (x86)\O2CM-CE\O2 Connection Manager\tscui.exe Permissions: Type Username Permissions Inheritance Allowed \Everyone Full Control This Folder Only Allowed BUILTIN\Administrators Special (DCBA654321) This Folder Only Allowed NT AUTHORITY\SYSTEM Full Control This Folder Only Allowed BUILTIN\Administrators Full Control This Folder Only Allowed BUILTIN\Users Read and Execute This Folder Only No Auditing set Owner: NT AUTHORITY\SYSTEM ************************************************************************** Operation Complete Elapsed Time: 0,125 seconds. ========================================================================== C:\Program Files (x86)\O2CM-CE\O2 Connection Manager>icacls *.exe |findstr "Everyone:(I)(F)" Elevate.exe Everyone:(I)(F) locSrch.exe Everyone:(I)(F) md5sum.exe Everyone:(I)(F) patch.exe Everyone:(I)(F) ProfileImp.exe Everyone:(I)(F) SupportAssistant.exe Everyone:(I)(F) tscui.exe Everyone:(I)(F) vcredist_x86.exe Everyone:(I)(F) WifiProfileImportTool.exe Everyone:(I)(F) XAU.exe Everyone:(I)(F) C:\Program Files (x86)\O2CM-CE\O2 Connection Manager> ========================================================================== # 0day.today [2024-07-04] #