| VID |
26535 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (MS10-068, 983539) for 'Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege' has not been applied.
An authenticated elevation of privilege vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles certain Lightweight Directory Access Protocol (LDAP) messages. The vulnerability exists in implementations of Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). An attacker must have previously authenticated with the LSASS server prior to exploiting this issue. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/MS10-068.mspx
* Platforms Affected:
Microsoft Windows XP SP3
Windows Server 2003 SP2
Windows Vista SP2
Windows Server 2008 and SP2
Windows 7 |
| Recommendation |
Apply the appropriate patch (983539)for your system, as listed in Microsoft Security Bulletin MS10-068 at http://www.microsoft.com/technet/security/Bulletin/MS10-068.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2010-0820 (CVE) |
| Related URL |
43037 (SecurityFocus) |
| Related URL |
(ISS) |
|
