Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Windows Service ACLs |
| Informations | |||
|---|---|---|---|
| Name | KB914457 | First vendor Publication | 2006-02-07 |
| Vendor | Microsoft | Last vendor Modification | 2006-03-14 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:S/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Local |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 3.1 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Microsoft has completed the investigation into a public report of a vulnerability. We have issued a security bulletin to address this issue. For more information about this issue, including download links for an available security update, please review the security bulletin. |
Original Source
| Url : http://www.microsoft.com/technet/security/advisory/914457.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1671 | |||
| Oval ID: | oval:org.mitre.oval:def:1671 | ||
| Title: | Server 2003 Insecure Default ACLs | ||
| Description: | Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-0023 | Version: | 8 |
| Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:1696 | |||
| Oval ID: | oval:org.mitre.oval:def:1696 | ||
| Title: | Windows XP Insecure Default ACLs | ||
| Description: | Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery Protocol (SSDP), (2) Universal Plug and Play Device Host (UPnP), (3) NetBT, (4) SCardSvr, (5) DHCP, and (6) DnsCache services, aka "Permissive Windows Services DACLs." NOTE: the NetBT, SCardSvr, DHCP, DnsCache already require privileged access to exploit. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-0023 | Version: | 7 |
| Platform(s): | Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 23047 | Microsoft Windows SSDP SERVICE_CHANGE_CONFIG Permission Weakness Privilege Es... |
| 23046 | Microsoft Windows SCardSvr SERVICE_CHANGE_CONFIG Permission Weakness Privileg... |
| 23045 | Microsoft Windows NetBT SERVICE_CHANGE_CONFIG Permission Weakness Privilege E... |
| 23044 | Microsoft Windows UPnP SERVICE_CHANGE_CONFIG Permission Weakness Privilege Es... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2006-03-14 | Name : Local users may be able to elevate their privileges on the remote host. File : smb_nt_ms06-011.nasl - Type : ACT_GATHER_INFO |
