Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Posted 02 February 2006 - 08:11 PM
Quote
Advisory ID : FrSIRT/ADV-2006-0417
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2006-02-02
EXPLOIT: POC exploit code can be found at FrSIRT
Technical Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by malicious users to obtain elevated privileges. This flaw is due to an access validation in the Simple Service Discovery Protocol (SSDP) Discovery and the Universal Plug and Play Device Host (UPnP) services that fail to properly validate user permissions, which could be exploited by local unprivileged attackers to bypass security restrictions and execute malicious programs with elevated privileges.
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2006-02-02
EXPLOIT: POC exploit code can be found at FrSIRT
Technical Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by malicious users to obtain elevated privileges. This flaw is due to an access validation in the Simple Service Discovery Protocol (SSDP) Discovery and the Universal Plug and Play Device Host (UPnP) services that fail to properly validate user permissions, which could be exploited by local unprivileged attackers to bypass security restrictions and execute malicious programs with elevated privileges.
Thankfully, this new vulnerability is not remotely exploitable as it requires local access to the PC. Still, someone with a crafted version of the exploit on a memory stick or other media might be able to compromise security controls on the local PC.
Microsoft Windows SSDP and UPnP Services Privilege Escalation Issue
http://www.frsirt.com/english/advisories/2006/0417
Back to top
