CVE-2013-10046
HIGHAgnitum Outpost Internet Security 8.1 - Privilege Escalation
Title source: llmExploitation Summary
EIP tracks 3 public exploits for CVE-2013-10046.
PoCs published by Metasploit, Ahmad Moghimi, Ahmad Moghimi, juan vazquez, including Metasploit module exploits/windows/local/agnitum_outpost_acs.
AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in Agnitum Outpost Internet Security 8.1 via the acsipc_server named pipe to load arbitrary DLLs and execute code with SYSTEM privileges.
Description
A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol, an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service.
Exploits (3)
This Metasploit module exploits a directory traversal vulnerability in Agnitum Outpost Internet Security 8.1 via the acsipc_server named pipe to load arbitrary DLLs and execute code with SYSTEM privileges.
This exploit demonstrates a privilege escalation vulnerability in Agnitum Outpost Security Suite Pro 8.1 by leveraging a DLL hijacking technique via Regsvr32.exe. The attacker registers a malicious DLL and executes it to escalate privileges from a low-privileged account.
This Metasploit module exploits a directory traversal vulnerability in Agnitum Outpost Internet Security 8.1 via the acsipc_server named pipe to load arbitrary DLLs and execute code with SYSTEM privileges. It demonstrates a local privilege escalation (LPE) by writing a malicious DLL to a writable directory and triggering its execution through the vulnerable named pipe.
References (4)
Scores
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N