Microsoft Windows SMB Registry : Winlogon Key Permission Weakness

This script is Copyright (C) 2000-2015 Tenable Network Security, Inc.


Synopsis :

Local users can gain SYSTEM privileges.

Description :

The registry key HKLM\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon is writeable by users who are not in the
admin group.

This key contains a value which defines which program should be run
when a user logs on.

As this program runs in the SYSTEM context, the users who have the
right to change the value of this key can gain more privileges on this
host.

Solution :

Use regedt32 and set the permissions of this key to :

- admin group : Full Control
- system : Full Control
- everyone : Read

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:F/RL:OF/RC:C)

Family: Windows

Nessus Plugin ID: 10429 ()

Bugtraq ID: 182

CVE ID: CVE-1999-0589

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now