|
Family: Windows --> Category: infos
SMB Registry : permissions of the SNMP key Vulnerability Scan
Vulnerability Scan Summary Acertains the access rights of a remote key
Detailed Explanation for this Vulnerability Test
Synopsis :
Local users can gain additinal rights.
Descirption :
The registry key HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters
can be modified by users who are not in the admin group.
Write access to this key allows an unprivileged user to gain additional
rights.
See also :
http://www.microsoft.com/technet/security/bulletin/ms00-095.mspx
Solution :
Use regedt32 and set the permissions of this key to :
- admin group : Full Control
- system : Full Control
- everyone : Read
Threat Level:
Medium / CVSS Base Score : 5
(AV:L/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|