MS10-059: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has multiple privilege escalation
vulnerabilities.

Description :

The version of the Tracing Feature for Services on the remote host has
the following vulnerabilities :

- Windows places incorrect ACLs on registry keys, which
could allow an attacker to execute code with elevated
privileges. (CVE-2010-2554)

- Memory is allocated in an unspecified, unsafe manner
when processing specially crafted long strings. An
attacker could exploit this to execute code with elevated
privileges. (CVE-2010-2555)

See also :

http://technet.microsoft.com/en-us/security/bulletin/MS10-059

Solution :

Microsoft has released a set of patches for Windows Vista, 2008, 7,
and 2008 R2.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 48296

Bugtraq ID: 42259
42269

CVE ID: CVE-2010-2554
CVE-2010-2555