BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Windows Local Procedure Call (LPC) Privilege Elevation Vulnerability

Disclosed October 8, 2010    Fully Patched

Vulnerability Description:

A specially crafted LPC request directed through the RPCSS within Windows XP or 2003 can trigger an exploitable stack-based buffer overflow.  This will result in a local user elevating their privileges to NetworkSystem.  Further abuse of this vulnerability could eventually allow a malicious attacker to gain LocalSystem privileges on a vulnerable system.

Vendors:

Microsoft

Vulnerable Software/Devices:

Windows XP
Windows 2003

Vulnerability Severity:

Medium

Exploit Availability:

N/A

Exploit Impact:

Elevation of Privilege
Local elevation of privileges to greater than Administrator rights. Attackers exploiting this vulnerability are able to gain rights on a machine that are greater than Administrator. It is used to gain a foothold on the system for further malicious activity.

BeyondTrust Prevention and Detection:

Mitigation:

There are no known forms of mitigating this vulnerability.  Local users that are able to execute a crafted binary could potentially execute arbitrary code with elevated privileges; therefore it is recommended that only trusted users are permitted access to affected systems.

Links:

CVE(s):

None

Leave a Reply