Tuesday, September 06, 2005

Exploit in the wild: Microsoft Windows Kernel Local Privilege Escalation and DoS (MS05-018)

Exploit via FrSIRT.

Advisory via FrSIRT.

FrSIRT Advisory : FrSIRT/ADV-2005-0338
CVE Reference : CAN-2005-0550 - CAN-2005-0551 - CAN-2005-0060 - CAN-2005-0061
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2005-04-12

* Technical Description *

Four vulnerabilities were identified in Microsoft Windows, which may be exploited by malicious local users to obtain elevated privileges or conduct denial of service attacks.

- The first flaw is due to a buffer overflow error when processing certain fonts, which may be exploited by malicious local users to gain elevated privileges.

- The second vulnerability resides in the process used by Windows to validate certain access requests, which may be exploited by malicious local users to gain elevated privileges.

- The third problem is due to an Object Management error, which may be exploited by malicious local users to cause a denial of service.

- The fourth issue is due to an unspecified error in the Client Server Runtime System (CSRSS), which may be exploited by malicious local users to gain elevated privileges.

* Affected Products *

Microsoft Windows 2000 Service Pack 3
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
Microsoft Windows Millennium Edition (ME)

* Solution *

http://www.microsoft.com/technet/security/bulletin/ms05-018.mspx
