logo
DATABASE RESOURCES PRICING ABOUT US

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability

Description

### Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected computers. ### Technologies Affected * Avaya CallPilot 4.0 * Avaya CallPilot 4.0.1 * Avaya CallPilot 5.0 * Avaya CallPilot 5.0.1 * Avaya Communication Server 1000 Telephony Manager 3.0 * Avaya Communication Server 1000 Telephony Manager 3.0.1 * Avaya Communication Server 1000 Telephony Manager 4.0 * Avaya Communication Server 1000 Telephony Manager 4.0.1 * Avaya Messaging Application Server 4 * Avaya Messaging Application Server 5 * Avaya Messaging Application Server 5.0 * Avaya Messaging Application Server 5.0.1 * Avaya Messaging Application Server 5.2 * Avaya Messaging Application Server 5.2.1 * Avaya Messaging Application Server MM 1.1 * Avaya Messaging Application Server MM 2.0 * Avaya Messaging Application Server MM 3.0 * Avaya Messaging Application Server MM 3.1 * Microsoft Windows Server 2003 Itanium SP2 * Microsoft Windows Server 2003 SP2 * Microsoft Windows Server 2003 x64 SP2 * Microsoft Windows XP Professional x64 Edition SP2 * Microsoft Windows XP Service Pack 3 ### Recommendations **Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only. Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.


Affected Software


CPE Name Name Version
avaya communication server 1000 Telephony Manager 4.0
avaya messaging application server 5.0.1
avaya messaging application server 5
avaya callpilot 5.0
avaya communication server 1000 Telephony Manager 3.0.1
avaya messaging application server mm 1.1
microsoft windows server 2003 Itanium SP2
avaya messaging application server 5.0
microsoft windows xp service pack 3
avaya messaging application server mm 3.1
avaya messaging application server 4
avaya communication server 1000 Telephony Manager 4.0.1
avaya messaging application server mm 3.0
microsoft windows server 2003 SP2
microsoft windows server 2003 x64 SP2
avaya callpilot 4.0
avaya callpilot 4.0.1
avaya messaging application server 5.2.1
avaya communication server 1000 Telephony Manager 3.0
avaya messaging application server mm 2.0
avaya messaging application server 5.2
avaya callpilot 5.0.1

Related