CVE-2005-0352
CVSS7.2
发布时间 :2005-03-16 00:00:00
修订时间 :2016-10-17 23:10:59
NMCOPS    

[原文]Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges.


[CNNVD]Woodstone Servers Alive本地提权漏洞(CNNVD-200503-121)

        Servers Alive 4.1及5.0作为一项服务运行时,在加载帮助菜单项下的本地手册之前不会丢弃SYSTEM权限,本地用户可以借此获得权限。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:woodstone:servers_alive:4.1
cpe:/a:woodstone:servers_alive:5.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0352
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0352
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200503-121
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=111100364513513&w=2
(UNKNOWN)  BUGTRAQ  20050316 Servers Alive: Local Privilege Escalation
http://www.securityfocus.com/bid/12822
(VENDOR_ADVISORY)  BID  12822
http://xforce.iss.net/xforce/xfdb/19715
(VENDOR_ADVISORY)  XF  serversalive-gain-privileges(19715)

- 漏洞信息

Woodstone Servers Alive本地提权漏洞
高危 设计错误
2005-03-16 00:00:00 2005-10-20 00:00:00
本地  
        Servers Alive 4.1及5.0作为一项服务运行时,在加载帮助菜单项下的本地手册之前不会丢弃SYSTEM权限,本地用户可以借此获得权限。

- 公告与补丁

        目前我们尚未获得厂商就此问题提供补丁的信息。如果您发现我们有误或者了解更新的信息,请给我们发邮件: vuldb@securityfocus.com

- 漏洞信息 (F36676)

serversAlive.txt (PacketStormID:F36676)
2005-03-22 00:00:00
Michael Starks  
exploit,local
CVE-2005-0352
[点击下载]

A vulnerability in Servers Alive versions 4.1 and 5.0 allows for local users to gain SYSTEM privileges via launching cmd.exe inside of Notepad.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

#######################################################################
Advisory information:

Title: Servers Alive - Privilege Escalation
CVE Candidate Number: CAN-2005-0352
Application: Servers Alive
Versions known affected: 4.1, 5.0; other versions not tested.
Classification: Privilege Escalation
Author: Michael Starks
Release date: March 16, 2005

#######################################################################
1. Introduction
2. Synopsis
3. Discussion
4. Impact
5. Resolution and/or workaround
6. Vendor Notification timeline
7. Acknowledgments
#######################################################################

1. Introduction
================
- From www.woodstone.nu:

Servers alive allows you to easily monitor hundreds of servers, or Internet 
services on a server, for uptime and availability. When it detects that a 
monitored service or computer has gone down it can make you aware through a 
variety of means.

2. Synopsis
============
A privilege-escalation vulnerability exists, allowing a local non-privileged 
user to obtain SYSTEM.

3. Discussion
==============
Servers Alive can be run in two modes; as an application or as a 
service.     

- 漏洞信息

14830
Servers Alive serversalive.exe Help Function Local Privilege Escalation

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-03-15 2005-01-24
2005-03-15 Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Woodstone Servers Alive Local Privilege Escalation Vulnerability
Design Error 12822
No Yes
2005-03-16 12:00:00 2009-07-12 10:56:00
Michael Starks <secure@michaelstarks.com> is credited with the discovery of this issue.

- 受影响的程序版本

Woodstone Servers Alive 5.0
Woodstone Servers Alive 4.1

- 漏洞讨论

A local privilege escalation vulnerability affects Woodstone Servers Alive. This issue is due to a design error that fails to implement proper access restrictions.

A local attacker may leverage this issue to gain SYSTEM privilege access to an affected computer.

- 漏洞利用

No exploit is required to leverage this issue.

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站