Weak Inherited Permissions in Metasploit Framework Installer on Windows

Weak Inherited Permissions in Metasploit Framework Installer on Windows

CVE-2011-1056 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

Learn more about our User Device Pen Test.