CVE-2011-1056 Information

Description

The installer for Metasploit Framework 3.5.1 when running on Windows uses weak inherited permissions for the Metasploit installation directory which allows local users to gain privileges by replacing critical files with a Trojan horse.

Reference

http://blog.metasploit.com/2011/02/metasploit-framework-352-released.html http://osvdb.org/70857 http://secunia.com/advisories/43166 http://www.vupen.com/english/advisories/2011/0371