Boletines de Vulnerabilidades |
Compromiso de root en Microsoft Windows |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Probable |
Impacto | Compromiso Root |
Dificultad | Principiante |
Requerimientos del atacante | Acceso remoto con cuenta |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | Microsoft |
Software afectado |
Microsoft Windows 2000 Microsoft Windows 2000 Service Pack 1 Microsoft Windows 2000 Service Pack 2 Microsoft Windows 2000 Service Pack 3 Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 |
Descripción |
|
Se ha descubierto una vulnerabilidad en los sistemas Microsoft Windows. La vulnerabilidad reside en un error en el manejo de las estructuras GDI del kernel de Microsoft Windows. Un atacante local podría causar una denegación de servicio o ejecutar código arbitrario si el ataque surge efecto y escalar privilegios hasta ganar el control total del sistema. |
|
Solución |
|
Actualización de software Microsoft Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=92F20599-3E7B-4217-91E6-FDCFB4C56856 Microsoft Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=F82EA184-945F-4B78-9463-10AC20A75020 Microsoft Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=EA5E1B87-4DB5-4B1A-891E-29C6BD6C0184 Microsoft Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=EA5E1B87-4DB5-4B1A-891E-29C6BD6C0184 Microsoft Windows Server 2003 http://www.microsoft.com/downloads/details.aspx?FamilyId=9F73A782-DEAF-46E0-B3E0-79042FF39979 Microsoft Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=9F73A782-DEAF-46E0-B3E0-79042FF39979 Microsoft Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=9F73A782-DEAF-46E0-B3E0-79042FF39979 Microsoft Windows Server 2003 / Itanium-based Systems http://www.microsoft.com/downloads/details.aspx?FamilyId=7BA63879-4FC7-4A5C-B9B5-F98C5CDC6840 Microsoft Windows Server 2003 SP1 / Itanium-based Systems http://www.microsoft.com/downloads/details.aspx?FamilyId=7BA63879-4FC7-4A5C-B9B5-F98C5CDC6840 Microsoft Windows Server 2003 SP2 / Itanium-based Systems http://www.microsoft.com/downloads/details.aspx?FamilyId=7BA63879-4FC7-4A5C-B9B5-F98C5CDC6840 Microsoft Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=3276DD11-4E2F-4183-A542-82AC3C6D9754 Microsoft Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=3276DD11-4E2F-4183-A542-82AC3C6D9754 Windows Vista http://www.microsoft.com/downloads/details.aspx?FamilyId=D8B0E65C-5B41-46EB-92DF-0B062CFCDEEC Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=FB0FF2B5-05FE-4158-B4B7-DA0D7F82C04B |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CVE-2006-5758 |
BID | 20940 |
Recursos adicionales |
|
Month of Kernel Bugs (MOKB-06-11-2006) http://projects.info-pull.com/mokb/MOKB-06-11-2006.html Microsoft Security Bulletin MS07-017 http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2006-11-09 |
1.1 | Aviso emitido por Microsoft (MS07-017) | 2007-04-11 |