Microsoft Windows POSIX Subsystem Privilege Escalation

2004-07-13T16:01:44
ID OSVDB:7800
Type osvdb
Reporter Rafal Wojtczuk()
Modified 2004-07-13T16:01:44

Description

Vulnerability Description

A local overflow exists in Microsoft Windows POSIX Subsystem. The Microsoft Windows POSIX Subsystem fails to check the length of certain parameters resulting in a buffer overflow overflow. With a specially crafted request, an attacker can run code with elevated privileges, resulting in a loss of confidentiality, integrity, and availability.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released patch MS04-020 to address this vulnerability.

Short Description

A local overflow exists in Microsoft Windows POSIX Subsystem. The Microsoft Windows POSIX Subsystem fails to check the length of certain parameters resulting in a buffer overflow overflow. With a specially crafted request, an attacker can run code with elevated privileges, resulting in a loss of confidentiality, integrity, and availability.

References:

Secunia Advisory ID:12062 Nessus Plugin ID:13638 Microsoft Security Bulletin: MS04-020 Microsoft Knowledge Base Article: 841872 Generic Exploit URL: http://www.k-otik.com/exploits/07162004.MS04-020posixexp.c.php CVE-2004-0210