A specially crafted LPC request directed through the RPCSS within Windows XP or 2003 can trigger an exploitable stack-based buffer overflow. This will result in a local user elevating their privileges to NetworkSystem. Further abuse of this vulnerability could eventually allow a malicious attacker to gain LocalSystem privileges on a vulnerable system.
Elevation of Privilege
Local elevation of privileges to greater than Administrator rights. Attackers exploiting this vulnerability are able to gain rights on a machine that are greater than Administrator. It is used to gain a foothold on the system for further malicious activity.
BeyondTrust Prevention and Detection:
- BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
There are no known forms of mitigating this vulnerability. Local users that are able to execute a crafted binary could potentially execute arbitrary code with elevated privileges; therefore it is recommended that only trusted users are permitted access to affected systems.