Microsoft Windows LSASS LPC请求本地权限提升漏洞（MS08-002）

BUGTRAQ ID: 27099 CVECAN ID: CVE-2007-5352 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的LSASS过程没有正确地处理特制LPC请求，当LSASS进程收到特制的LPC请求时，攻击者就可以以提升的权限运行代码，成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003...

CVE-2007-5352

CVE-2007-5352 is a local privilege-escalation vulnerability in Microsoft Windows LSASS. The root cause is LSASS’s improper handling of specially crafted LPC requests, which could allow a local attacker to execute code with SYSTEM privileges and take full control of the affected system. Affected p...

MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)

The remote host is running version of Windows and LSASS that could allow a local user to gain elevated privileged. An attacker who has the ability to execute arbitrary commands on the remote host may exploit this flaw to gain SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"...

Microsoft Windows LSASS privilege escalation vulnerability

Overview The Windows LSASS service contains privilege escalation vulnerability. Description The Windows Local Security Authority Subsystem Service LSASS is a process that enforces the local security policy. Per Microsoft Security Bulletin MS08-002: An elevation of privilege vulnerability exists i...