|
Family: Windows : Microsoft Bulletins --> Category: infos
Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886) Vulnerability Scan
Vulnerability Scan Summary Checks for MS Hotfix Q326886, Network Elevated Privilege
Detailed Explanation for this Vulnerability Test
Synopsis :
A local user can elevate his rights.
Description :
The remote host contains a flaw in the Network Connection Manager
which may allow a local user to elevate his rights.
To exploit this vulnerability a user need to send a specially crafted
code to the Network Manager handle to execute arbitrary code with the
rights of the SYSTEM.
Solution :
Microsoft has released a set of patches for Windows 2000 :
http://www.microsoft.com/technet/security/bulletin/ms02-042.mspx
Threat Level:
Medium / CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:N/A:C/I:N/B:A)
Click HERE for more information and discussions on this network vulnerability scan.
|