Microsoft Windows Management Local Privilege Escalation Vulnerability
BID:10125
Info
Microsoft Windows Management Local Privilege Escalation Vulnerability
| Bugtraq ID: | 10125 |
| Class: | Access Validation Error |
| CVE: |
CVE-2003-0909 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 13 2004 12:00AM |
| Updated: | Oct 02 2007 06:09PM |
| Credit: | The vendor announced this vulnerability. |
| Vulnerable: |
Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP 64-bit Edition Version 2003 SP1 Microsoft Windows XP 64-bit Edition Version 2003 Microsoft Windows XP 64-bit Edition SP1 Microsoft Windows XP 64-bit Edition Avaya S8100 Media Servers 0 Avaya S3400 Message Application Server 0 Avaya IP600 Media Servers Avaya DefinityOne Media Servers |
| Not Vulnerable: | |
Discussion
Microsoft Windows Management Local Privilege Escalation Vulnerability
Microsoft Windows Management is prone to a local privilege-escalation vulnerability that may allow a local attacker to execute arbitrary attacker-supplied code with SYSTEM privileges.
Microsoft Windows Management is prone to a local privilege-escalation vulnerability that may allow a local attacker to execute arbitrary attacker-supplied code with SYSTEM privileges.
Exploit / POC
Microsoft Windows Management Local Privilege Escalation Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Microsoft Windows Management Local Privilege Escalation Vulnerability
Solution:
Microsoft has released a security bulletin and fixes to address this issue. Please see the references for more information.
Microsoft Windows XP Home
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP Home SP1
Microsoft Windows XP Professional
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP Professional SP1
Microsoft Windows XP 64-bit Edition SP1
Solution:
Microsoft has released a security bulletin and fixes to address this issue. Please see the references for more information.
Microsoft Windows XP Home
-
Microsoft Security Update for Windows XP (KB835732)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en
Microsoft Windows XP 64-bit Edition Version 2003
-
Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en
Microsoft Windows XP Home SP1
-
Microsoft Security Update for Windows XP (KB835732)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en
Microsoft Windows XP Professional
-
Microsoft Security Update for Windows XP (KB835732)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en
Microsoft Windows XP 64-bit Edition Version 2003 SP1
-
Microsoft Security Update for Windows Server 2003 64 Bit Edition and Windows XP 64 Bit Edition Version 2003 (
http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883 -44A6-A107-6CD2D29FC6F5&displaylang=en
Microsoft Windows XP Professional SP1
-
Microsoft Security Update for Windows XP (KB835732)
http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F -43B9-A4F1-AF243B6168F3&displaylang=en
Microsoft Windows XP 64-bit Edition SP1
-
Microsoft Security Update for Windows XP 64 Bit Edition (KB835732)
http://www.microsoft.com/downloads/details.aspx?FamilyId=C6B55EF2-D9FE -4DBE-AB7D-73A20C82FF73&displaylang=en
References
Microsoft Windows Management Local Privilege Escalation Vulnerability
References:
References:
- Microsoft Security Bulletin MS04-011 (Microsoft)