Windows Local Privilege Escalation ExploitWindows Local Privilege Escalation Exploit
Code has been published that might successfully exploit loose permissions on third-party Windows-based application services as well as several default Windows services.
February 9, 2006
Code has been published that might successfully exploit loose permissions on third-party Windows-based application services as well as several default Windows services, including Universal Plug- and- Play (UpPnP), NetBIOS over TCP/IP (NetBT), Smart Card (SCardSvr), and SSDP Discovery Service (SSDPA). A successful exploit could allow a local user to gain elevated privileges. The problem affects Windows XP with Service Pack 1 (SP1) and Windows Server 2003. Windows XP with Service Pack 2(SP2) and Windows Server 2003 with Service Pack 1SP1 are no't affected. Microsoft is aware of the problem and has published an advisory
About the Author
You May Also Like