Microsoft Operating Systems Have Unspecified Flaw That Yields Kernel Level Access to Local Users
|
|
SecurityTracker Alert ID: 1009546
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 24 2004
|
Impact: Root access via local system
|
Advisory: eEye Digital Security
|
Version(s): Windows NT 4.0, 2000, 2003, XP
|
Description: An unspecified vulnerability was reported in Microsoft's Windows NT 4.0, 2000, 2003, and XP operating systems. A local user can gain full control of the system.
eEye Digital Security reported that a core services function of Microsoft operating systems contains a vulnerability. A local user
can gain kernel level privileges ("privileges greater than SYSTEM").
No further details were provided pending vendor notification
and correction.
The vendor was reportedly notified on March 18, 2004.
|
Impact: A local user can gain elevated privileges on the target system. eEye reports that the privileges gained can be "greater than SYSTEM" privileges.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.microsoft.com/technet/security/ (Links to External Site)
|
Cause: Not specified
|
Underlying OS: Windows (NT), Windows (2000), Windows (2003), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 23 Mar 2004 21:58:26 -0500
Subject: http://www.eeye.com/html/Research/Upcoming/20040318.html
|
http://www.eeye.com/html/Research/Upcoming/20040318.html
> EEYEB-20040318
eEye Digital Security reported that a core services function of Microsoft operating
systems contains a vulnerability. A local user can gain kernel level privileges
("privileges greater than SYSTEM").
The following systems are reportedly affected:
Windows NT 4.0
Windows 2000
Windows XP
Windows Server 2003
The vendor was reportedly notified on March 18, 2004.
|
|
