PC Tools Spyware Doctor v6.0 flaw

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1052448 漏洞类型
发布时间 2008-10-09 更新时间 2008-10-09
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2008100029
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Report: PC Tools Spyware Doctor v6.0 flaw
Set 7, 2008

-- Affected Vendors:
PC Tools

-- Affected Products:
Spyware Doctor v6.0

-- Download at:
http://www.pctools.com/mirror/sdasetup.exe

http://rapidshare.com/files/151742881/bd.rar.html
http://rapidshare.com/files/151742881/bd.rar.html?killcode=192850860729954980
Password: forspywaredoctortest

-- Vulnerability Details:
A flaw exists in PC Tools Spyware Doctor while deleting a particular
Backdoor. The mechanism used to clean an infected machine will crash
the machine. (Blue Screen of Death might appear)



-- Step by Step
1) Instaled Windows XP.

2) Created the trojan (with ejection in IE) with the client.

3) Executed the trojan.

6) Instaled PC Tools Firewall Plus 4.0 and made a reboot.

4) Instaled Spyware Doctor 6.0

5) Run the Smart Update and downloaded 26 signature database files (35MB)

6) Spyware Doctor automaticaly runs a scan and finds Backdoor.Beastdoor.

8) Tried to remove the backdoor. The system crashed and made a reboot.

9) Tried to remove the backdoor several times and the result was the
same, a system crash.

10) Entered in safe boot, made a scan and i was able to delete it.



-- Dificulty Level:
High, it only happen as far as i know we one Backdoor.

-- Disclosure Timeline:
2008-07-29 - Published
2008-09-07 - Disclosed

-- About:
Fabio Pinheiro at http://dicas3000.blogspot.com