Info

Disclosure

Apr 05, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

NOD32 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to the NOD32 GUI (nod32.exe) running with SYSTEM privileges when a scheduled on-demand scan is run by the scheduler. This can be exploited to invoke cmd.exe with SYSTEM privileges when a scheduled scan is running. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Disclosure: OSVDB Verified

Solution

Upgrade to version 2.51.26 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

eset

NOD32

2.51.20.0

References

Secunia Advisory ID: 19054
CVE ID: 2006-0951 (see also: NVD)
Related OSVDB ID: 24393
VUPEN Advisory: ADV-2006-1242
Other Advisory URL: http://secunia.com/secunia_research/2006-17/advisory/
Vendor URL: http://www.eset.com/

Credit

Tan Chew Keong - Secunia Research

Direct URL: http://osvdb.org/24394