#Title: Sysax FTP Automation Server Local Privilege Escalation
#Author: Craig Freyman (@cd1zz)
#OS Tested: XP SP3 32bit
#Version Tested: 5.33
#Date Discovered: October 1, 2012
#Vendor Contacted: October 21, 2012
#Vendor Response: November 1, 2012
#Demo: http://www.pwnag3.com/2012/11/sysax-ftp-automation-server-privilege.html

Sysax FTP Automation <= 5.33 has a privilege escalation vulnerability. This can be exploited
by leveraging the Scheduled Script -> Scheduled Task functionality. The scheduled task
function allows you to run any external program/executable you want, without specifying
credentials. By default, the product installs as a service running as LOCALSYSTEM, so when
the binary is executed, it runs under that context.

Sysax fixed this problem in version 5.34.
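
An added audit example, not part of the original advisory or the vendor's code: it reports which account the installed service runs as and whether its binary predates the 5.34 fix. The "sysax" name match and the use of the executable's file version as the product version are assumptions; Get-CimInstance needs PowerShell 3.0 or later.

```powershell
# Added audit example, not code from the advisory.
# ASSUMPTIONS: the service's binary path or display name contains "sysax",
# and the executable's file version mirrors the product version.
$FixedVersion   = New-Object System.Version -ArgumentList 5, 34  # fixed release per the advisory
$SystemAccounts = @('LocalSystem', 'NT AUTHORITY\SYSTEM')

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # Win32_Service.PathName may be quoted and may carry arguments.
    if ($PathName -match '^\s*"([^"]+)"')    { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return $PathName
}

Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -match 'sysax' -or $_.DisplayName -match 'sysax' } |
    ForEach-Object {
        $binary  = Get-ServiceBinaryPath $_.PathName
        $version = $null
        if ($binary -and (Test-Path -LiteralPath $binary)) {
            $info = (Get-Item -LiteralPath $binary).VersionInfo
            # Only trust the numeric parts when version metadata is present.
            if ($info.FileVersion) {
                $version = New-Object System.Version -ArgumentList $info.FileMajorPart, $info.FileMinorPart
            }
        }
        # Scheduled tasks launched by the service inherit this account.
        $asSystem = $SystemAccounts -contains $_.StartName
        $finding = if (-not $asSystem) {
            'Service runs under a non-SYSTEM account'
        } elseif ($null -eq $version) {
            'Runs as SYSTEM; version unknown, verify manually'
        } elseif ($version -lt $FixedVersion) {
            'Runs as SYSTEM on a release before 5.34; upgrade'
        } else {
            'Runs as SYSTEM on 5.34 or later'
        }
        [pscustomobject]@{
            Service = $_.Name
            RunsAs  = $_.StartName
            Binary  = $binary
            Version = $version
            Finding = $finding
        }
    }
```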