Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0893 | First vendor Publication | 2005-01-10 |
Vendor | Cve | Last vendor Modification | 2019-04-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0893 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1321 | |||
Oval ID: | oval:org.mitre.oval:def:1321 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (NT 4.0) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 3 |
Platform(s): | Microsoft Windows NT | Product(s): | Windows kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1561 | |||
Oval ID: | oval:org.mitre.oval:def:1561 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (Windows 2000) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Windows kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1581 | |||
Oval ID: | oval:org.mitre.oval:def:1581 | ||
Title: | Suppressed Test OVAL1581 (Identical to OVAL4458) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 1 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Windows kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1886 | |||
Oval ID: | oval:org.mitre.oval:def:1886 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP1) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Windows kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:2008 | |||
Oval ID: | oval:org.mitre.oval:def:2008 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (64-bit XP) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Windows kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:4021 | |||
Oval ID: | oval:org.mitre.oval:def:4021 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (NT Terminal Server) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 2 |
Platform(s): | Microsoft Windows NT | Product(s): | Windows kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:4458 | |||
Oval ID: | oval:org.mitre.oval:def:4458 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (Server 2003) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 1 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Windows kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:450 | |||
Oval ID: | oval:org.mitre.oval:def:450 | ||
Title: | Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP2) | ||
Description: | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0893 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Windows kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12372 | Microsoft Windows Kernel Application Launch Local Privilege Escalation Microsoft WIndows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by an unchecked buffer in the handling of data sent through a Local Procedure Call (LPC) port, allowing an attacker to trigger an overflow leading to arbitrary code execution with escalated priveleges. This flaw may lead to a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-12-14 | Name : Local users can elevate their privileges on the remote host. File : smb_nt_ms04-044.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:37 |
|
2024-02-01 12:01:33 |
|
2023-09-05 12:02:30 |
|
2023-09-05 01:01:24 |
|
2023-09-02 12:02:31 |
|
2023-09-02 01:01:24 |
|
2023-08-12 12:03:02 |
|
2023-08-12 01:01:25 |
|
2023-08-11 12:02:37 |
|
2023-08-11 01:01:26 |
|
2023-08-06 12:02:25 |
|
2023-08-06 01:01:26 |
|
2023-08-04 12:02:29 |
|
2023-08-04 01:01:26 |
|
2023-07-14 12:02:28 |
|
2023-07-14 01:01:26 |
|
2023-03-29 01:02:29 |
|
2023-03-28 12:01:31 |
|
2022-10-11 12:02:12 |
|
2022-10-11 01:01:18 |
|
2021-05-04 12:02:25 |
|
2021-04-22 01:02:34 |
|
2020-05-23 00:15:54 |
|
2019-05-09 12:01:24 |
|
2019-04-30 21:19:18 |
|
2018-10-13 00:22:29 |
|
2017-10-11 09:23:24 |
|
2017-07-11 12:01:31 |
|
2016-04-26 12:53:58 |
|
2014-02-17 10:28:05 |
|
2013-05-11 11:43:16 |
|