Home » Hacking News » Microsoft Windows 2000 / NT 4.0 Process Handle Local Privilege Elevation Vuln

Microsoft Windows 2000 / NT 4.0 Process Handle Local Privilege Elevation Vuln

by Nikola Strahija on March 16th, 2002 A vulnerability has been reported in Microsoft Windows 2000 and NT 4 which could allow a user to gain SYSTEM level privileges on the local host.

The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process. This may be used to allow an application with the privileges of the currently logged in user to execute arbitrary code with the privileges of the process that is accessed.

Remote: Yes

Exploit: hhtp://online.securityfocus.com/data/vulnerabilities/exploits/DebPloit.zip

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Our online shop
Top sellers
New Items
Books
Software

Xatrix.org © Copyright 2001-2016, Xatrix Security . All Rights Reserved
Hacking into a victim of crime's phone is a sort of poetically elegant manifestation of a modus operandi the tabloids have. - Steve Coogan

Users login

JOIN XATRIX

Microsoft Windows 2000 / NT 4.0 Process Handle Local Privilege Elevation Vuln

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact