Vulnonym.org

CVE-2008-1436 - Inductive Fornicate

Description

Microsoft Windows XP Professional SP2 Vista and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability related to improper management of the SeImpersonatePrivilege user right as originally reported for Internet Information Services (IIS) aka Token Kidnapping.

Reference

http://www.securitytracker.com/id?1019904 http://secunia.com/advisories/29867 http://isc.sans.org/diary.html?storyid=4306 http://blogs.technet.com/msrc/archive/2008/04/17/msrc-blog-microsoft-security-advisory-951306.aspx http://www.microsoft.com/technet/security/advisory/951306.mspx http://www.securityfocus.com/bid/28833 http://nomoreroot.blogspot.com/2008/10/windows-2003-poc-exploit-for-token.html http://www.argeniss.com/research/Churrasco.zip http://milw0rm.com/sploits/2008-Churrasco.zip http://securitywatch.eweek.com/flaws/microsoft_belatedly_admits_to_windows_server_2008_token_kidnapping.html http://www.argeniss.com/research/TokenKidnapping.pdf http://www.vupen.com/english/advisories/2009/1026 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2008/1264/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41880 https://www.exploit-db.com/exploits/6705 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5891 http://www.securityfocus.com/archive/1/497168/100/0/threaded http://www.securityfocus.com/archive/1/491111/100/0/threaded https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012