Microsoft Windows Remote Desktop 'TSShutdn.exe' Lets Remote Authenticated Users Shutdown the System
|
|
SecurityTracker Alert ID: 1013552
|
|
SecurityTracker URL: http://securitytracker.com/id?1013552
|
|
CVE Reference: CVE-2005-0904
(Links to External Site)
|
Updated: Jul 7 2008
|
Original Entry Date: Mar 24 2005
|
Impact: Denial of service via network
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Description: A vulnerability was reported in Microsoft Windows Remote Desktop. A remote authenticated user can shutdown the target system.
The Remote Desktop does not check the 'Force shutdown from a remote system' user right. A remote user without administrative privileges can invoke the 'TSShutdn.exe' command to shutdown the remote system.
Windows XP SP1 is affected.
|
Impact: A remote authenticated user can shutdown the target system.
|
Solution: A hotfix is available from Microsoft Product Support Services. See the knowledge base article for more information:
http://support.microsoft.com/kb/889323/
|
Vendor URL: support.microsoft.com/kb/889323/ (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Windows (XP)
|
Underlying OS Comments: XP SP1
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 24 Mar 2005 03:01:02 -0500
Subject: http://support.microsoft.com/kb/889323/
|
> Non-administrative users can remotely shut down a Windows XP Service Pack 1-based
> computer by using the TSShutdn.exe command
A hotfix is available from Microsoft Product Support Services.
|
|
