Microsoft Windows Utility Manager Privilege Escalation

2004-04-13T17:50:33
ID OSVDB:5254
Type osvdb
Reporter Ben Pryor(pryorb@uwplatt.edu), Cesar Cerrudo(cesarc56@yahoo.com), Brett Moore(brett.moore@security-assessment.com)
Modified 2004-04-13T17:50:33

Description

Vulnerability Description

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when Utility Manager is launched, and does not release System privileges. An attacker may be able to cause Utility Manager to launch an application under System privileges, leading to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when Utility Manager is launched, and does not release System privileges. An attacker may be able to cause Utility Manager to launch an application under System privileges, leading to a loss of integrity.

References:

US-CERT Cyber Security Alert: TA04-104A Secunia Advisory ID:11064 Related OSVDB ID: 5261 Related OSVDB ID: 5251 Related OSVDB ID: 5255 Related OSVDB ID: 5256 Related OSVDB ID: 5260 Related OSVDB ID: 5249 Related OSVDB ID: 5257 Related OSVDB ID: 5248 Related OSVDB ID: 5250 Related OSVDB ID: 5252 Related OSVDB ID: 5253 Related OSVDB ID: 5258 Related OSVDB ID: 5259 Other Advisory URL: http://www.appsecinc.com/resources/alerts/general/04-0001.html Other Advisory URL: http://www.securiteam.com/windowsntfocus/5LP0C2ACKU.html OVAL ID: 1046 Nessus Plugin ID:12209 Microsoft Security Bulletin: MS04-011 ISS X-Force ID: 15818 ISS X-Force ID: 15632 CVE-2003-0908 CIAC Advisory: o-114 CERT VU: 526084 Bugtraq ID: 10124