Reported February 7, 2001, by BindView RAZOR Team.
A local promotion vulnerability has been discovered in NT 4.0, all versions including Service Pack 6a (SP6a). A flaw in the way the NT LAN Manager (NTLM) Security Support Provider handles client requests can let a malicious user run a program as a privileged user. VENDOR RESPONSE Microsoft has released a security bulletin, MS01-008.
The original RAZOR advisory is available at:
http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html CREDIT |
0 comments
Hide comments