CVE-2005-4505

McAfee VirusScan Enterprise 8.0i-CMA 3.5 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4505. PoCs published by Reed Arvin.

AI-analyzed exploit summary This exploit leverages an unquoted path vulnerability in McAfee VirusScan's 'naPrdMgr.exe' process to execute arbitrary code with elevated privileges. It creates a local user 'Program' and adds it to the Administrators group, demonstrating privilege escalation.

Description

Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Reed Arvin · clocalwindows

https://www.exploit-db.com/exploits/26970

View Code ZIP pw:eip

This exploit leverages an unquoted path vulnerability in McAfee VirusScan's 'naPrdMgr.exe' process to execute arbitrary code with elevated privileges. It creates a local user 'Program' and adds it to the Administrators group, demonstrating privilege escalation.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: McAfee VirusScan Enterprise 8.0i (patch 11)

Auth required

Prerequisites: Local access to the target system · Ability to create a user account

MITRE ATT&CK