漏洞标题
N/A
漏洞描述信息
Dell SupportAssist Client 消费者版本3.9.13.0 以及任何版本在3.9.13.0之前 contain 一个任意文件删除漏洞,可以利用NTFS的Windows功能称为 symbolic links 进行 exploitation。 symbolic links 可以在一些对象目录下由任何(非特权)用户创建,但它们本身不足以成功提升权限。然而,将它们与一个不同的对象,如NTFS连接点相结合,可以实现 exploitation。支持辅助清理文件功能并未区分连接点与物理文件夹,并将继续清理连接点的目标,允许非特权用户创建连接点并在系统中删除任意文件,这些文件只有管理员可以访问。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
Dell SupportAssist Client 后置链接漏洞
漏洞描述信息
Dell SupportAssist Client是美国戴尔(Dell)公司的一款客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist Client Consumer 中存在后置链接漏洞,该漏洞源于产品允许任何用户在任何目录下创建符号链接。攻击者可通过该漏洞与NTFS junction point结合升级特权并任意删除文件。 以下产品及版本受到影响:Dell SupportAssist Client Consumer 3.9.13.0 版本及之前版本。
CVSS信息
N/A
漏洞类别
后置链接