Vulnerability Bulletins |
Aumento de privilegios en Windows Services for UNIX |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Aumento de privilegios |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Microsoft |
Affected software |
Windows 2000 SP4 Windows XP SP2 Windows Server 2003 SP1 Windows Server 2003 SP2 Windows Server 2003 x64 Edition Windows Server 2003 x64 Edition SP2 Window Vista Windows Vista x64 Edition |
Description |
|
Se ha encontrado una vulnerabilidad en Windows Services for UNIX en las versiones 3.0 y 3.5 y en Subsystem for UNIX-based Applications. La vulnerabilidad yace cuando se ejecutan ciertos archivos setuid binarios. Un atacante remoto podría aumentar sus privilegios. |
|
Solution |
|
Actualización de software Microsoft Windows Server 2003 / patch WindowsServer2003-KB939778-x86-ENU.exe Windows Server 2003 x64 Edition / patch WindowsServer2003.WindowsXP-KB939778-x64-ENU.exe Windows Vista / patch Windows6.0-KB939778-x86.msu Windows Vista x64 Edition / patch Windows6.0-KB939778-x64.msu Windows Services for UNIX 3.0 / Windows 2000 SP4 / Windows XP SP2 / Windows Server 2003 SP1 / Windows Server 2003 SP2 / patch SFU3-KB939778-X86-ENU.exe Windows Services for UNIX 3.5 / Windows 2000 SP4 / Windows XP SP2 / Windows Server 2003 SP1 / Windows Server 2003 SP2 / patch SFU35-KB939778-X86-ENU.exe |
|
Standar resources |
|
Property | Value |
CVE | CVE-2007-3036 |
BID | |
Other resources |
|
Microsoft Security Bulletin MS07-053 http://www.microsoft.com/technet/security/bulletin/MS07-053.mspx |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2007-09-12 |