| VID |
26021 |
| Severity |
40 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (Q280119) for the 'NTLMSSP Privilege Escalation' problem has not been applied.
The NTLM Security Support Provider (NTLMSSP) service in Windows NT 4.0 could allow a local attacker to gain elevated privileges. The NTLM Security Support Provider handles authentication requests associated with the NTLM protocol. A local attacker with valid login credentials could send a specially-crafted request to the NTLMSSP service to execute arbitrary code on the system with LocalSystem privileges, which are greater than or equal to administrative privileges.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* Platforms Affected:
Microsoft Windows NT, 2000
* References:
http://www.iss.net/security_center/static/6076.php
http://www.microsoft.com/technet/security/bulletin/ms01-008.asp |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS01-008 (http://www.microsoft.com/technet/security/bulletin/ms01-008.asp).
Download locations for this patch
Microsoft Windows NT 4.0 Workstation, Server, and Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27804
Microsoft Windows NT 4.0 Server, Terminal Server Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=27824 |
| Related URL |
CVE-2001-0016 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
