MS.Windows.WINS.Privilege.Elevation
Description
This indicates an attack attempt to exploit a privilege elevation vulnerability in Microsoft's Windows Internet Name Service (WINS).
The vulnerability is caused by the WINS server's insufficient validation of the data structures within specially crafted WINS network packets. It could allow a local attacker to run code with elevated privileges. An attacker who successfully exploits this vulnerability could take complete control of the affected system.
Affected Products
Microsoft Windows 2000 Server SP4
Windows Server 2003 Service Pack 1 and Windows Server 2003 SP 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Impact
Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.
Security Bypass: Remote attackers can bypass security checking of vulnerable systems.
Recommended Actions
Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/ms08-034.mspx.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |