======================================================================
Secunia Research 21/12/2004
- Spy Sweeper Enterprise Client Privilege Escalation Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
Spy Sweeper Enterprise 1.5.1 (Build 3698)
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Less Critical
Impact: Privilege Escalation
Where: Local System
======================================================================
3) Vendor's Description of Software
Spy Sweeper Enterprise:
"Webroot Spy Sweeper Enterprise provides comprehensive spyware protection for corporations. Using a client / server architecture, Spy Sweeper Enterprise proactively detects and removes all forms of spyware and malware within the organization".
Product link:
http://www.webroot.com/products/spysweeper/enterprise/
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to the Spy Sweeper Enterprise Client "SpySweeperTray.exe" process invoking the help functionality with SYSTEM privileges.
This can be exploited to execute arbitrary commands on a system with escalated privileges.
======================================================================
5) Solution
The vendor has issued version 2.0, which fixes the vulnerability.
======================================================================
6) Time Table
15/11/2004 - Vulnerability discovered.
15/11/2004 - Vendor notified.
15/11/2004 - Vendor response.
19/12/2004 - Vendor issues version 2.0.
21/12/2004 - Public disclosure.
======================================================================
7) Credits
Discovered by Carsten Eiram, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has not currently assigned the vulnerability a candidate number.
======================================================================
9) About Secunia
Secunia collects, validates, assesses, and writes advisories regarding all the latest software vulnerabilities disclosed to the public. These advisories are gathered in a publicly available database at the Secunia website:
http://secunia.com/
Secunia offers services to our customers enabling them to receive all relevant vulnerability information to their specific system configuration.
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/secunia_security_advisories/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2004-14/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================