Microsoft Windows 2000 / NT 4.0 Process Handle Local Privilege Elevation Vuln
by Nikola Strahija on March 16th, 2002
A vulnerability has been reported in Microsoft Windows 2000 and NT 4 which could allow a user to gain SYSTEM level privileges on the local host.
The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process. An application running with the privileges of the currently logged-in user may use such a handle to execute arbitrary code with the privileges of the process that is accessed.
Remote: Yes
Exploit: http://online.securityfocus.com/data/vulnerabilities/exploits/DebPloit.zip