PROBLEM: A function which supports LPC (Local Procedure Calls) is flawed. A malicious user through a series of steps could fool the validation checking in the function into believing the user has higher privileges. PLATFORM: Microsoft Windows NT 4.0 Workstation, Microsoft Windows NT 4.0 Server, Microsoft NT 4.0 Server (Enterprise Edition), Microsoft Windows NT 4.0 Server (Terminal Server Edition) DAMAGE: A malicious user could logon to a Windows NT 4.0 machine and run a program posing as another user or the Administrator of the machine. SOLUTION: Install the hotfix from Microsoft.
VULNERABILITY The risk is low. A malicious user would need to have local ASSESSMENT: access to the machine and be able to, through a series of complicated steps, spoof the validation checking of an LPC function.
Voice: +1 925-422-8193 (7 x 24) FAX: +1 925-423-8002 STU-III: +1 925-423-2604 E-mail: email@example.com World Wide Web: http://www.ciac.org/ http://ciac.llnl.gov (same machine -- either one will work) Anonymous FTP: ftp.ciac.org ciac.llnl.gov (same machine -- either one will work)