[stunnel-users] Win32 Local Privilege Escalation when Stunnelinstalled as a System service

Michal Trojnara Michal.Trojnara at mobi-com.net
Thu Aug 18 09:37:09 CEST 2005


"Ian" <cobalt-users1 at fishnet.co.uk> wrote:

> There is a trivial to exploit Local Privilege Escalation when stunnel
> is installed as a system service on windows.
>
> Who should I inform of this so a fix can be made?

Me.  8-)

I'm aware about this problem.  It is easily possible to get localsystem 
privileges on Windows when stunnel is running as a service.

Because:
1. There are thousands of other ways to do it.  Windows uses Swiss Cheese 
Local Security Model.
http://en.wikipedia.org/wiki/Swiss_cheese
2. Virtually everyone uses an administrator account, so can gain localsystem 
privileges easily.
The current status of this bug is WONTFIX, but I'm open to persuasion.

Best regards,
    Mike 




More information about the stunnel-users mailing list