Vulnerability Bulletins

int(3420)

Vulnerability Bulletins

Aumento de privilegios en Windows Services for UNIX
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Aumento de privilegios
Dificulty	Experto
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	Microsoft
Affected software	Windows 2000 SP4 Windows XP SP2 Windows Server 2003 SP1 Windows Server 2003 SP2 Windows Server 2003 x64 Edition Windows Server 2003 x64 Edition SP2 Window Vista Windows Vista x64 Edition
Description
Se ha encontrado una vulnerabilidad en Windows Services for UNIX en las versiones 3.0 y 3.5 y en Subsystem for UNIX-based Applications. La vulnerabilidad yace cuando se ejecutan ciertos archivos setuid binarios. Un atacante remoto podría aumentar sus privilegios.
Solution
Actualización de software Microsoft Windows Server 2003 / patch WindowsServer2003-KB939778-x86-ENU.exe Windows Server 2003 x64 Edition / patch WindowsServer2003.WindowsXP-KB939778-x64-ENU.exe Windows Vista / patch Windows6.0-KB939778-x86.msu Windows Vista x64 Edition / patch Windows6.0-KB939778-x64.msu Windows Services for UNIX 3.0 / Windows 2000 SP4 / Windows XP SP2 / Windows Server 2003 SP1 / Windows Server 2003 SP2 / patch SFU3-KB939778-X86-ENU.exe Windows Services for UNIX 3.5 / Windows 2000 SP4 / Windows XP SP2 / Windows Server 2003 SP1 / Windows Server 2003 SP2 / patch SFU35-KB939778-X86-ENU.exe
Standar resources
Property	Value
CVE	CVE-2007-3036
BID
Other resources
Microsoft Security Bulletin MS07-053 http://www.microsoft.com/technet/security/bulletin/MS07-053.mspx

Version history
Version	Comments	Date
1.0	Aviso emitido	2007-09-12

Vulnerability Bulletins

Aumento de privilegios en Windows Services for UNIX

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history