Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799) |
| Informations | |||
|---|---|---|---|
| Name | MS10-059 | First vendor Publication | 2010-08-10 |
| Vendor | Microsoft | Last vendor Modification | 2010-08-10 |
| Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:S/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.1 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Tracing Feature for Services. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS10-059.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11426 | |||
| Oval ID: | oval:org.mitre.oval:def:11426 | ||
| Title: | Tracing Memory Corruption Vulnerability | ||
| Description: | The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka "Tracing Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2555 | Version: | 7 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12082 | |||
| Oval ID: | oval:org.mitre.oval:def:12082 | ||
| Title: | Tracing Registry Key ACL Vulnerability | ||
| Description: | The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2554 | Version: | 7 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2010-08-10 | Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-08-26 | Name : Microsoft Windows Tracing Feature Privilege Elevation Vulnerabilities (982799) File : nvt/secpod_ms10-059.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 66978 | Microsoft Windows Tracing Feature for Services Registry String Handling Memor... A memory corruption flaw exists in Microsoft Windows. The Tracing Feature for Services fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted overly long string, a local, authenticated attacker can gain full user privileges. |
| 66977 | Microsoft Windows Tracing Feature for Services Registry Key ACL Local Privile... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when Tracing Feature for Services fails to set secure permissions for registry keys, allowing a local authenticated attacker to gain full user privileges by editing subkeys in 'HKLM\Software\Microsoft\Tracing'. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-08-12 | IAVM : 2010-B-0064 - Multiple Vulnerabilities in Microsoft Windows Tracing Feature for Services Severity : Category I - VMSKEY : V0025074 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-08-11 | Name : The remote Windows host has multiple privilege escalation vulnerabilities. File : smb_nt_ms10-059.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:39 |
|
| 2013-11-11 12:41:18 |
|
