Microsoft Windows Remote Desktop 'TSShutdn.exe' Lets Remote Authenticated Users Shutdown the System
|
|
SecurityTracker Alert ID: 1013552 |
|
SecurityTracker URL: http://securitytracker.com/id/1013552
|
|
CVE Reference:
CVE-2005-0904
(Links to External Site)
|
Updated: Jul 7 2008
|
Original Entry Date: Mar 24 2005
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
|
|
Description:
A vulnerability was reported in Microsoft Windows Remote Desktop. A remote authenticated user can shutdown the target system.
The Remote Desktop does not check the 'Force shutdown from a remote system' user right. A remote user without administrative privileges can invoke the 'TSShutdn.exe' command to shutdown the remote system.
Windows XP SP1 is affected.
|
Impact:
A remote authenticated user can shutdown the target system.
|
Solution:
A hotfix is available from Microsoft Product Support Services. See the knowledge base article for more information:
http://support.microsoft.com/kb/889323/
|
Vendor URL: support.microsoft.com/kb/889323/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 24 Mar 2005 03:01:02 -0500
Subject: http://support.microsoft.com/kb/889323/
|
> Non-administrative users can remotely shut down a Windows XP Service Pack 1-based
> computer by using the TSShutdn.exe command
A hotfix is available from Microsoft Product Support Services.
|
|
