Microsoft Operating Systems Have Unspecified Flaw That Yields Kernel Level Access to Local Users
|
|
SecurityTracker Alert ID: 1009546 |
|
SecurityTracker URL: http://securitytracker.com/id/1009546
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 24 2004
|
Impact:
Root access via local system
|
|
Version(s): Windows NT 4.0, 2000, 2003, XP
|
Description:
An unspecified vulnerability was reported in Microsoft's Windows NT 4.0, 2000, 2003, and XP operating systems. A local user can gain full control of the system.
eEye Digital Security reported that a core services function of Microsoft operating systems contains a vulnerability. A local user can gain kernel level privileges ("privileges greater than SYSTEM").
No further details were provided pending vendor notification and correction.
The vendor was reportedly notified on March 18, 2004.
|
Impact:
A local user can gain elevated privileges on the target system. eEye reports that the privileges gained can be "greater than SYSTEM" privileges.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.microsoft.com/technet/security/ (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 23 Mar 2004 21:58:26 -0500
Subject: http://www.eeye.com/html/Research/Upcoming/20040318.html
|
http://www.eeye.com/html/Research/Upcoming/20040318.html
> EEYEB-20040318
eEye Digital Security reported that a core services function of Microsoft operating
systems contains a vulnerability. A local user can gain kernel level privileges
("privileges greater than SYSTEM").
The following systems are reportedly affected:
Windows NT 4.0
Windows 2000
Windows XP
Windows Server 2003
The vendor was reportedly notified on March 18, 2004.
|
|
