Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.
References
Link | Resource |
---|---|
https://www.coresecurity.com/system/files/publications/2016/05/Paper-Deactivate-the-Rootkit-AOrtega-ASacco.pdf | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-11T19:00:00
Updated: 2018-05-11T19:57:02
Reserved: 2018-05-11T00:00:00
Link: CVE-2009-5150
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-11T19:29:00.220
Modified: 2018-06-14T13:01:37.017
Link: CVE-2009-5150
JSON object: View
Redhat Information
No data.
CWE