| VID |
26018 |
| Severity |
40 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q272736) for the "Still Image Service Privilege Escalation" problem has not been applied. The Still Image Service is not installed by default, but is automatically installed, via plug-n-play, when a user attaches a still image device (I.e. digital camera, scanner, etc.) to a Windows 2000 host.
Windows 2000 is vulnerable to a buffer overflow in the Still Image Service that could allow a user to gain elevated privileges. A local attacker can overflow the buffer and execute arbitrary code on the system with the privileges of the service, typically LocalSystem.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows 2000
* References:
http://www.iss.net/security_center/static/5203.php
http://www.microsoft.com/technet/security/bulletin/MS00-065.asp |
| Recommendation |
Apply the patch, as listed in Microsoft Security Bulletin MS00-065. (http://www.microsoft.com/technet/security/bulletin/MS00-065.asp)
* Note: This patch will be included in the next Service Pack for Windows 2000 -- it can be applied to a computer with or without Service Pack 1. |
| Related URL |
CVE-2000-0851 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
