- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21344
- Проверка EDB
-
- Пройдено
- Автор
- ELICZ
- Тип уязвимости
- LOCAL
- Платформа
- WINDOWS
- CVE
- cve-2002-0367
- Дата публикации
- 2002-03-13
Код:
source: https://www.securityfocus.com/bid/4287/info
A vulnerability in Microsoft Windows 2000 and NT 4 could allow a user to gain SYSTEM-level privileges on the local host.
The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process. This may allow an application with minimal privileges to execute arbitrary code with the privileges of the process that is accessed.
05/06/2002: There have been reports of a mass-mailing worm that exploits this vulnerability using the proof-of-concept exploit.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21344.zip- Источник
- www.exploit-db.com
