Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2730

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2004-2730
Last Modified 05 Sep 2008 04:44:57
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2730

Summary

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

Vulnerable Systems

Application

  • Microsoft Psexec 1.53

  • Microsoft Psgetsid 1.40

  • Microsoft Psinfo 1.60

  • Microsoft Pskill 1.02

  • Microsoft Pslist 1.25

  • Microsoft Psloglist 2.50

  • Microsoft Pspasswd 1.20

  • Microsoft Psservice 2.11

  • Microsoft Psshutdown 2.31

  • Microsoft Pssuspend 1.04

  • Microsoft Sysinternals Pstools 2.04


References

BID - 10759

XF - pstools-gain-admin-access(16743)

MISC - http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304

OSVDB - 8140

SECTRACK - 1010737

SECUNIA - 12108


Last Updated: 27 May 2016 10:39:36