Antamedia Internet Cafe Software 7.1 Insecure Permissions/DLL Loading

Title: Antamedia Internet Cafe Software 7.1 Insecure Permissions/DLL Loading
Advisory ID: ZSL-2011-5005
Type: Local/Remote
Impact: System Access, Privilege Escalation
Risk: (4/5)
Release Date: 03.04.2011
Summary
Internet Cafe Software – Cyber Cafe software is a worldwide top selling solution for CyberCafe management and game center control. It protects your computers from unauthorized usage and helps with customer billing. Many features like POS, print manager, console controller, smart cards, credit card billing, makes it suitable for any cyber cafe, hotel, airport terminals, game center.
Description
Antamedia ICS suffers from a dll hijacking vulnerability and improper ACL permissions that enables the attacker to execute arbitrary code or change the binary with another of his/her choice because of the (C)Change perm for the group Everyone (AICLogin.exe, AICCore.exe). The vulnerable extensions are .fp3 and .swf thru qwave.dll library.
Vendor
Antamedia - http://www.antamediacafe.com
Affected Version
7.1.1.0
Tested On
Microsoft Windows XP Professional SP3 (EN)
Vendor Status
N/A
PoC
antamedia.c
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://securityreason.com/exploitalert/10271
[2] http://packetstormsecurity.org/files/100029
Changelog
[03.04.2011] - Initial release
[04.04.2011] - Added reference [1] and [2]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk