![]() However this file could not be used for exploitaion as it is always used/taken by Check Point service so for example this is why users cannot delete it in normal conditions (unless service crashes and/or is restarted). Over this log file all authenticated users have full control and it was found that Check Point service writes to it with SYSTEM privileges. It was found that Check Point software (Endpoint Security Client and ZoneAlarm) uses tvDebug.log file stored in "C:\Windows\Internet Logs\tvDebug.log" or in ProgramData, for example "C:\ProgramData\CheckPoint\ZoneAlarm\Logs\tvDebug.log". ![]() It is possible to change permissions of arbitrary file so that user have full control over it after exploitation which results in Local Privilege Escalation. # Version: Check Point Endpoint Security VPN <= E80.87 Build 986009514 # Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |