0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation

Author

LiquidWorm

Risk

[

Security Risk High

]

0day-ID

Category

Date add

Platform

Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation


Vendor: Netlux Systems Private Limited.
Product web page: http://www.netluxantivirus.com
Affected version: 1.0.1.8 and 1.0.1.4

Summary: Netlux Antivirus is an award-winning product that provides
comprehensive protection against all types of viruses,trojans,malwares
and spywares, secures your data, protects your privacy and ensures
your PC remains virus-free.

Desc: The Netlux Antivirus suffers from an unquoted search path issue
impacting the Session Manager Service 'NXSessSvc' service for Windows
deployed as part of Netlux Antivirus package. This could potentially
allow an authorized but non-privileged local user to execute arbitrary
code with elevated privileges on the system. A successful attempt would
require the local user to be able to insert their code in the system
root path undetected by the OS or other security applications where it
could potentially be executed during application startup or reboot. If
successful, the local user’s code would execute with the elevated
privileges of the application.

Tested on: Microsoft Windows Ultimate SP1 (EN)


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2015-5245
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5245.php


01.06.2015

---


C:\Users\User>sc qc NXSessSvc
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: NXSessSvc
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\Netlux\NetluxAntivirus\NXSRV.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Netlux Session Manager Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users\User>

#  0day.today [2024-11-15]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Netlux Antivirus 1.0.1.8 Session Manager Service Privilege Escalation

Report Error

Report Error