MS00-052: Relative Shell Path patch (269049)

This script is Copyright (C) 2000-2013 Tenable Network Security, Inc.


Synopsis :

A local user can elevate his privileges.

Description :

The hotfix for the 'Relative Shell Path' vulnerability has not been
applied.

This vulnerability allows a malicious user who can write to the remote
system root to cause the code of malicious user's choice to be
executed by the users who will interactively log into this host.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms00-052

Solution :

Microsoft has released a set of patches for Windows NT and 2000.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 10486 ()

Bugtraq ID: 1507

CVE ID: CVE-2000-0663