Privilege Escalation Vulnerability in Microsoft Windows POSIX OS subsystem

Reported July 13, 2004, by Microsoft

VERSIONS AFFECTED

  • Windows 2000
  • Windows NT 4.0

DESCRIPTION
A privilege-elevation vulnerability exists in the POSIX OS subsystem. Although this vulnerability is not exploitable remotely, a potential attacker who successfully exploited the vulnerability could take complete control of an affected system.

VENDOR RESPONSE
Microsoft has released bulletin MS04-020, "Vulnerability in POSIX Could Allow Code Execution (841872)," to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Rafal Wojtczuk.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish