|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
This is a privilege elevation vulnerability. An attacker who successfully exploited this vulnerability could gain complete control over the machine, thereby gaining the ability to take any desired action on the machine, such as adding, deleting, or modifying data on the system, creating or deleting user accounts, and adding accounts to the local administrators group.
|
|
Classification |
Unknown or Incomplete
|
|
Technical |
Windows 2000 systems (Pre Service Pack4) have a flaw in the Network Connection Manager (NCM) that could make it possible for an attacker to cause the handler routine to run in the security context of LocalSystem. An attacker who exploited this flaw could imbed arbitrary code as the handler, then establish a network connection in order to cause that code to be executed by the NCM. The code would then run with full system privileges.
|
|
Solution |
Download and install Patch Q326886 from Microsoft:
Best practices suggest that unprivileged users not be allowed to interactively log onto business-critical servers. If this recommendation has been followed, machines such as domain controllers, ERP servers, print and file servers, database servers, and others would not be at risk from this vulnerability.
|
|
Products |
|
Windows
 |
2000 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
