Re: [Full-disclosure] [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege Escalation Vulnerability in Microsoft Windows XP
- From: Christoph Gruber <grisu@xxxxxxx>
- Date: Mon, 28 Aug 2006 16:41:02 +0200
On Friday 17 March 2006 03:07 Christoph Gruber wrote:
I want to straiten out, that this posting does NOT come from me!
A look at the header clarifies that:
Return-Path: <full-disclosure-bounces@xxxxxxxxxxxxxxxxx>
Received: from mx4.noc.eunet-ag.at (mx4.noc.eunet-ag.at
[193.154.160.127])
by imap02 (Cyrus v2.2.12-Red Hat 2.2.12-2tis) with LMTPA;
Fri, 17 Mar 2006 04:06:42 +0100
X-Sieve: CMU Sieve 2.2
Received: from lists.grok.org.uk (lists.grok.org.uk [195.184.125.51])
by mx4.noc.eunet-ag.at (8.13.0/8.13.0) with ESMTP id k2H36baA024009
for <list@xxxxxxx>; Fri, 17 Mar 2006 04:06:38 +0100
Received: from lists.grok.org.uk (localhost [127.0.0.1])
by lists.grok.org.uk (Postfix) with ESMTP id 14D5ABA7D;
Fri, 17 Mar 2006 02:25:27 +0000 (GMT)
X-Original-To: full-disclosure@xxxxxxxxxxxxxxxxx
Delivered-To: full-disclosure@xxxxxxxxxxxxxxxxx
Received: from guru.at (85-31-186-26.blue.kundencontroller.de
[85.31.186.26])
by lists.grok.org.uk (Postfix) with SMTP id D9D93AECF
for <full-disclosure@xxxxxxxxxxxxxxxxx>;
Fri, 17 Mar 2006 02:07:50 +0000 (GMT)
From: Christoph Gruber <list@xxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Best regards
[Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege
Escalation Vulnerability in Microsoft Windows XP
----------------------------
o/ 卍 Background
There had been no identified background commentary on this
vulnerability indentified. ----------------------------
卍 \o Description
Microsoft Windows XP incorrectly validates user input, making
privilege escalation possible.
----------------------------
o/ 卍 History
2/21/2006 o/ Vendor Notification.
3/16/2006 o/ Public Disclosure.
----------------------------
卍 \o Workaround
There was no workarounds.
----------------------------
o/ 卍 Vendor Response
Microsoft Windows XP had extended no identified information.
----------------------------
Contact
Christoph Gruber lolville@xxxxxxx
1-888-565-9428
BEWARE THE JIZZTAPO!!!
..
_ .' `.
/\)
/ /
/ / /\
\ \ / \
_ \ \/ /\ \
(/\ \ / \ \
\ \ / \ (Y )
\ \/ /\ \ ""
\ / \ \
\/ / /
/ /
( Y)
""
CISSP GSAE CCE SSP-CNSA SSP-MPA GIPS CAP SSCP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Christoph Gruber
"Das Geheimnis der Freiheit ist der Mut." Perikles (ca.500-429)
Attachment:
pgp13TohqBxH0.pgp
Description: PGP signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- [Full-disclosure] Re: [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ %Local Privilege Escalation Vulnerability in Microsoft Windows XP
- From: Dave \"No, not that one\" Korn
- [Full-disclosure] Re: [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ %Local Privilege Escalation Vulnerability in Microsoft Windows XP
- Prev by Date: [Full-disclosure] [vuln.sg] Cybozu Garoon 2 SQL Injection Vulnerabilities
- Next by Date: [Full-disclosure] InfoSec Paper: Creating Business Through Virtual Trust
- Previous by thread: Re: [Full-disclosure] [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege Escalation Vulnerability in Microsoft Windows XP
- Next by thread: [Full-disclosure] Re: [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ %Local Privilege Escalation Vulnerability in Microsoft Windows XP
- Index(es):
