header-logo
Suggest Exploit
vendor:
Windows 2000 and NT 4
by:
SecurityFocus
7.2
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name: Windows 2000 and NT 4
Affected Version From: Microsoft Windows 2000 and NT 4
Affected Version To: Microsoft Windows 2000 and NT 4
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Microsoft Windows 2000 and NT 4 Debugging Subsystem Privilege Escalation Vulnerability

The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process. This may allow an application with minimal privileges to execute arbitrary code with the privileges of the process that is accessed.

Mitigation:

Restrict access to the debugging subsystem.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4287/info

A vulnerability in Microsoft Windows 2000 and NT 4 could allow a user to gain SYSTEM-level privileges on the local host.

The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process. This may allow an application with minimal privileges to execute arbitrary code with the privileges of the process that is accessed.

05/06/2002: There have been reports of a mass-mailing worm that exploits this vulnerability using the proof-of-concept exploit. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21344.zip

Navigation

Suggest Exploit

Services By CQR