Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Winreg registry key writeable by non-admins Vulnerability Scan

Vulnerability Scan Summary
Acertains the permissions for the winreg key

Detailed Explanation for this Vulnerability Test

Synopsis :

Local users can elevate their rights.

Description :

The key HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg
is writeable by non-administrators.

The installation software of Microsoft Exchange sets this key to
a world-writeable mode.

Local users may use this misconfiguration to escalate their rights on
this host.

Solution :

Microsoft has released a set of patches for the Windows NT, 2000 and XP :

Threat Level:

High / CVSS Base Score : 7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.