Executive Summary

Informations
Name MS04-044 First vendor Publication N/A
Vendor Microsoft Last vendor Modification N/A
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1321
 
Oval ID: oval:org.mitre.oval:def:1321
Title: Windows Kernel LPC Privilege Escalation Vulnerability (NT 4.0)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 3
Platform(s): Microsoft Windows NT
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1561
 
Oval ID: oval:org.mitre.oval:def:1561
Title: Windows Kernel LPC Privilege Escalation Vulnerability (Windows 2000)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 7
Platform(s): Microsoft Windows 2000
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1581
 
Oval ID: oval:org.mitre.oval:def:1581
Title: Suppressed Test OVAL1581 (Identical to OVAL4458)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 1
Platform(s): Microsoft Windows Server 2003
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1886
 
Oval ID: oval:org.mitre.oval:def:1886
Title: Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP1)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 5
Platform(s): Microsoft Windows XP
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1888
 
Oval ID: oval:org.mitre.oval:def:1888
Title: LSASS Privilege Escalation Vulnerability (64-bit Server 2003)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 1
Platform(s): Microsoft Windows Server 2003
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2008
 
Oval ID: oval:org.mitre.oval:def:2008
Title: Windows Kernel LPC Privilege Escalation Vulnerability (64-bit XP)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 5
Platform(s): Microsoft Windows XP
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2062
 
Oval ID: oval:org.mitre.oval:def:2062
Title: LSASS Privilege Escalation Vulnerability (64-bit XP, SP1)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 4
Platform(s): Microsoft Windows XP
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3312
 
Oval ID: oval:org.mitre.oval:def:3312
Title: LSASS Privilege Escalation Vulnerability (Server 2003/64-bit XP)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 1
Platform(s): Microsoft Windows XP
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3325
 
Oval ID: oval:org.mitre.oval:def:3325
Title: LSASS Privilege Escalation Vulnerability (32-bit XP, SP1)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 4
Platform(s): Microsoft Windows XP
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4021
 
Oval ID: oval:org.mitre.oval:def:4021
Title: Windows Kernel LPC Privilege Escalation Vulnerability (NT Terminal Server)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 2
Platform(s): Microsoft Windows NT
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4368
 
Oval ID: oval:org.mitre.oval:def:4368
Title: LSASS Privilege Escalation Vulnerability (32-bit XP, SP2)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 5
Platform(s): Microsoft Windows XP
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4458
 
Oval ID: oval:org.mitre.oval:def:4458
Title: Windows Kernel LPC Privilege Escalation Vulnerability (Server 2003)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 1
Platform(s): Microsoft Windows Server 2003
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:450
 
Oval ID: oval:org.mitre.oval:def:450
Title: Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP2)
Description: The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2004-0893
Version: 5
Platform(s): Microsoft Windows XP
Product(s): Windows kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:778
 
Oval ID: oval:org.mitre.oval:def:778
Title: LSASS Privilege Escalation Vulnerability (Windows 2000)
Description: LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0894
Version: 7
Platform(s): Microsoft Windows 2000
Product(s): Local Security Authority Subsystem Service (LSASS)
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 5
Os 12
Os 31
Os 9

Open Source Vulnerability Database (OSVDB)

Id Description
12376 Microsoft Windows LSASS Identity Token Validation Local Privilege Escalation

The Microsoft Windows operating system contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to an error in the validation of identity tokens within the Local Security Authority Subsystem Service (LSASS.) This flaw may lead to a loss of confidentiality.
12372 Microsoft Windows Kernel Application Launch Local Privilege Escalation

Microsoft WIndows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by an unchecked buffer in the handling of data sent through a Local Procedure Call (LPC) port, allowing an attacker to trigger an overflow leading to arbitrary code execution with escalated priveleges. This flaw may lead to a loss of integrity.

Nessus® Vulnerability Scanner

Date Description
2004-12-14 Name : Local users can elevate their privileges on the remote host.
File : smb_nt_ms04-044.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:45:05
  • Multiple Updates