EPSON Status Monitor 3 local privilege escalation vulnerability Jul 30 2009 04:40AM nospam gmail it:SecurityFocus(情報元のブックマーク数)
EPSON Status Monitor 3 にローカル権限上昇の脆弱性が存在とのことです。
------- EPSON Status Monitor 3 local privilege escalation vulnerability --------
http://www.securityfocus.com/archive/1/505410
by Nine:Situations:Group::bruiser
site: http://retrogod.altervista.org/
--------------------------------------------------------------------------------
After that pyrokinesis found: http://www.milw0rm.com/exploits/9199
I prepared a tool to check for weak permissions and I come out with this:
C:\>sc qc EPSON_EB_RPCV4_01
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: EPSON_EB_RPCV4_01
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
LOAD_ORDER_GROUP :