MS06-049: W2k Kernel Bug

Published: 2006-08-08
Last Updated: 2006-08-08 17:40:19 UTC
by Pedro Bueno (Version: 1)
0 comment(s)

This is another privilege elevation vulnerability.

By exploiting this vulnerability, on MS own words: "...An attacker could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To attempt to exploit the vulnerability, an attacker must be able to log on locally to the system and run a program."

According to the advisory this occurs due an unchecked buffer bug that affects the Windows 2000 kernel.

Althought this vulnerability can only be exploited locally, we recommend you to test it and apply as soon as possible. As this vulnerability is already known for a while and by reading the advisory it really doenst look so hard to exploit it, so if you have systems running 2k, patch it!

Pedro Bueno ( pbueno //&&// isc. sans. org )
0 comment(s)


Diary Archives