Lucene search
HistoryAug 11, 2010 - 6:47 p.m.
CVE-2010-2554
CVSS2
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
19.1%
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka โTracing Registry Key ACL Vulnerability.โ
Affected configurations
Node
microsoftwindows_7Match-
ORmicrosoftwindows_server_2008itanium
ORmicrosoftwindows_server_2008x32
ORmicrosoftwindows_server_2008x64
ORmicrosoftwindows_server_2008r2itanium
ORmicrosoftwindows_server_2008r2x64
ORmicrosoftwindows_server_2008sp2x32
ORmicrosoftwindows_server_2008sp2x64
ORmicrosoftwindows_server_2008Match-sp2itanium
ORmicrosoftwindows_vistasp1
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_vistaMatch-sp1
ORmicrosoftwindows_vistaMatch-sp2
Related
seebug
seebug
prion
prion
Security feature bypass
2010-08-11 18:47:00
cvelist
cvelist
CVE-2010-2554
2010-08-11 18:00:00
cve
cve
CVE-2010-2554
2010-08-11 18:47:50
canvas
canvas
Immunity Canvas: MS10_059
2010-08-11 18:47:00
exploitpack
exploitpack
Microsoft Windows - Tracing Registry Key ACL Privilege Escalation
2010-08-10 00:00:00
exploitdb
exploitdb
Microsoft Windows - Tracing Registry Key ACL Privilege Escalation
2010-08-10 00:00:00
securityvulns
securityvulns
openvas
openvas
nessus
nessus
CVSS2
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
19.1%
Related for NVD:CVE-2010-2554