Executive Summary
Summary | |
---|---|
Title | Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657) |
Informations | |||
---|---|---|---|
Name | MS09-041 | First vendor Publication | 2009-08-11 |
Vendor | Microsoft | Last vendor Modification | 2009-08-11 |
Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (August 11, 2009): Bulletin published.Summary: This security update resolves a privately reported vulnerability in the Windows Workstation Service. The vulnerability could allow elevation of privilege if an attacker created a specially crafted RPC message and sent the message to an affected system. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to a vulnerable system in order to exploit this vulnerability. The vulnerability could not be exploited by anonymous users. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS09-041.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-08-12 | Name : Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657) File : nvt/secpod_ms09-041.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56902 | Microsoft Windows Workstation Service NetrGetJoinInformation Function Local M... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-08-13 | IAVM : 2009-B-0035 - Microsoft Windows Workstation Service Elevation of Privilege Vulnerability Severity : Category II - VMSKEY : V0019880 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-04-19 | DCERPC Direct detection of malicious DCE RPC request in suspicious pcap RuleID : 38264 - Revision : 1 - Type : OS-WINDOWS |
2014-01-10 | DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt RuleID : 15860 - Revision : 13 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-08-11 | Name : Users can elevate their privileges on the remote host. File : smb_nt_ms09-041.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:18 |
|
2014-01-19 21:30:21 |
|
2013-11-11 12:41:12 |
|