Vulnerability CVE-2004-2730


Published: 2004-12-31   Modified: 2012-02-12

Description:
Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Microsoft -> Psexec 
Microsoft -> Psgetsid 
Microsoft -> Psinfo 
Microsoft -> Pskill 
Microsoft -> Pslist 
Microsoft -> Psloglist 
Microsoft -> Pspasswd 
Microsoft -> Psservice 
Microsoft -> Psshutdown 
Microsoft -> Pssuspend 
Microsoft -> Sysinternals pstools 

 References:
http://securitytracker.com/id?1010737
http://www.securityfocus.com/bid/10759
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304
https://exchange.xforce.ibmcloud.com/vulnerabilities/16743

Copyright 2024, cxsecurity.com

 

Back to Top