Microsoft Windows SeDebugPrivilege NtSystemDebugControl Function Privilege Escalation

2004-02-14T05:14:26
ID OSVDB:19857
Type osvdb
Reporter OSVDB
Modified 2004-02-14T05:14:26

Description

Vulnerability Description

Microsoft Windows contains a flaw that may allow a malicious local user to gain elevated privileges. The issue is triggered due to flaws in the NtSystemDebugControl kernel debugging function. It is possible that the flaw may allow execution of arbitrary code on the system with kernel mode privileges resulting in a loss of integrity.

Technical Description

The SeDebugPrivilege privilege is usually only assigned to Administrators.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Microsoft Windows contains a flaw that may allow a malicious local user to gain elevated privileges. The issue is triggered due to flaws in the NtSystemDebugControl kernel debugging function. It is possible that the flaw may allow execution of arbitrary code on the system with kernel mode privileges resulting in a loss of integrity.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0529.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0512.html ISS X-Force ID: 15263 CVE-2004-2339 Bugtraq ID: 9694