This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
A flaw in the Plug and Play service could allow an authenticated
attacker to execute arbitrary code on the remote host and therefore
elevate his privileges.
The remote host contains a version of the Plug and Play service that
contains a vulnerability in the way it handles user-supplied data.
An authenticated attacker could exploit this flaw by sending a malformed
RPC request to the remote service and execute code within the SYSTEM
See also :
Microsoft has released a set of patches for Windows 2000 and XP.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.0
Public Exploit Available : true