Brian Vagnoni on 15 Sep 2007 18:09:09 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778)


I know this is a Linux forum but we have unfortunately and inevitably have to contact either to Windows Systems or have them connect to our Linux systems. Security is my thing so here you are.

Brian Vagnoni

MS07-053
Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778)
http://www.microsoft.com/technet/security/bulletin/MS07-053.mspx

Microsoft Severity Rating: Important
eEye Severity Rating: Medium

Description
This patch fixes one vulnerability within Microsoft Windows Services for UNIX. This vulnerability allows for remote the elevation of privileges to Administrator.
  • CVE-2007-3036 - Windows Services for UNIX Could Allow Elevation of Privilege
    A vulnerability exists in Windows Services for UNIX 3.0, Windows Services for UNIX 3.5, and Subsystem for UNIX-based Applications where running certain setuid binary files could allow an attacker to gain elevation of privilege. An attacker who successfully exploited this vulnerability could gain elevation of privilege.

The exploitation of this vulnerability requires heavy user interaction by logging in locally to execute certain programs. However, by coupling an exploit of this vulnerability with a client-side vulnerability, there is the possibility that this exploit could be delivered remotely by piggy-backing off of a client-side vulnerability to gain local access to the target host.

Recommendations
Although exploit code for this vulnerability has not been released, eEye Research suggests that vulnerable hosts be patched for this vulnerability as soon as possible. If Windows Services for UNIX is not necessary on a host, it should be uninstalled.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug