Win32 Local Privilege Escalation when Stunnel installed as a System service - stunnel-users - stunnel.org

List overview All Threads
Download

Win32 Local Privilege Escalation when Stunnel installed as a System service

Stunnel HTTPS Client Issue

stunnel Bug Tracking System

Ian

17 Aug 2005 17 Aug '05

2:12 p.m.

Hi,

There is a trivial to exploit Local Privilege Escalation when stunnel is installed as a system service on windows.

Who should I inform of this so a fix can be made?

Thanks

Ian

--

Reply

Show replies by date

Luca Giommi

17 Aug 17 Aug

4:14 p.m.

Michal Trojnara i guess http://www.stunnel.org/about/credits.html

On 8/17/05, Ian cobalt-users1@fishnet.co.uk wrote:

Hi,

There is a trivial to exploit Local Privilege Escalation when stunnel is installed as a system service on windows.

Who should I inform of this so a fix can be made?

Thanks

Ian

stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users

Reply

Claus Lund

5:23 p.m.

New subject: Win32 Local Privilege Escalation when Stunnelinstalled as a System service

Submit a bug report: http://stunnel.mirt.net/flyspray/

-----Original Message----- From: stunnel-users-bounces@mirt.net [mailto:stunnel-users-bounces@mirt.net]On Behalf Of Ian Sent: Wednesday, August 17, 2005 10:12 AM To: stunnel-users@mirt.net Subject: [stunnel-users] Win32 Local Privilege Escalation when Stunnelinstalled as a System service

Hi,

There is a trivial to exploit Local Privilege Escalation when stunnel is installed as a system service on windows.

Who should I inform of this so a fix can be made?

Thanks

Ian

stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users

Reply

Brian Hatch

18 Aug 18 Aug

1:03 a.m.

New subject: Win32 Local Privilege Escalation when Stunnelinstalled as a System service

Submit a bug report: http://stunnel.mirt.net/flyspray/

If it's a security issue, I'd suggest contacting Michael directly first so he can get a fix out asap. If you're looking for a disclosure roadmap, I'd suggest using the RFPolicy.

-- Brian Hatch "So, do you want to say anything here?" Systems and "I was thinking about it." Security Engineer (10 more minutes of silence) http://www.ifokr.org/bri/ --Eric and Glenn Every message PGP signed

Reply

Michal Trojnara

7:37 a.m.

New subject: Win32 Local Privilege Escalation when Stunnelinstalled as a System service

"Ian" cobalt-users1@fishnet.co.uk wrote:

There is a trivial to exploit Local Privilege Escalation when stunnel is installed as a system service on windows.

Who should I inform of this so a fix can be made?

Me. 8-)

I'm aware about this problem. It is easily possible to get localsystem privileges on Windows when stunnel is running as a service.

Because: 1. There are thousands of other ways to do it. Windows uses Swiss Cheese Local Security Model. http://en.wikipedia.org/wiki/Swiss_cheese 2. Virtually everyone uses an administrator account, so can gain localsystem privileges easily. The current status of this bug is WONTFIX, but I'm open to persuasion.

Best regards, Mike

Reply

7036

Age (days ago)

7037

Last active (days ago)

stunnel-users@stunnel.org

4 comments

5 participants

tags (0)

participants (5)

Brian Hatch
Claus Lund
Ian
Luca Giommi
Michal Trojnara