[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dailydave
Subject:    [Dailydave] Bad Medicine
From:       Alex McGeorge <alexm () immunityinc ! com>
Date:       2011-04-27 16:12:58
Message-ID: 4DB8408A.3070309 () immunityinc ! com
[Download RAW message or body]

Hello DD,

Vulnerabilities in defense oriented software are always kind of funny
(CVE-2005-3252, CVE-2007-3302, CVE-2010-3189, etc). Some people even
make a sport of it (http://bit.ly/144o2C). Well it's time to refill the
chuckle trough because our good friends over at GLEG.net, who you know
from their recent SCADA exploit shenanigans, have added an exploit for
an arbitrary command execution in Symantec anti-virus to CANVAS via
their Agora exploit pack.

This vulnerability has been out since August of 2010 but I'm willing to
wager a non-trivial portion of anti-virus admins only care if their
definitions are up to date. So this could be fun when you find yourself
in the soft nougat center of a network. A little python scripting work
and you've got yourself local admin accounts across an enterprise.

Here's a video demo for your perusal:
http://partners.immunityinc.com/movies/gleg-symantecams.zip
Pricing and purchasing questions can be sent to: sales@immunityinc.com

Cheers,
-AlexM

-- 
Alex McGeorge
Immunity Inc.
1130 Washington Avenue 8th Floor
Miami Beach, Florida 33139
P: 786.220.0600

_______________________________________________
Dailydave mailing list
Dailydave@lists.immunityinc.com
https://lists.immunityinc.com/mailman/listinfo/dailydave
[prev in list] [next in list] [prev in thread] [next in thread]