Detections
Analytics
Microsoft Windows SMB Registry : NT MTS Package Administration Registry Key Permission Weakness
medium Nessus Plugin ID 11867
Synopsis
A local user can gain additional privileges.Description
The registry key HKLM\SOFTWARE\Microsoft\Transaction Server\Packages can be modified by users not in the admin group.Write access to this key allows an unprivileged user to gain additional privileges.
Solution
Use regedt32 and set the permissions of this key to :- admin group : Full Control
- system : Full Control
- everyone : Read
See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-095
Plugin Details
Severity: Medium
ID: 11867
File Name: smb_reg_MTS_access.nasl
Version: 1.24
Type: local
Agent: windows
Family: Windows
Published: 10/8/2003
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.5
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Temporal Score: 3.4
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
Required KB Items: SMB/name, SMB/login, SMB/password, SMB/registry_access, SMB/transport
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 12/6/2000
Reference Information
CVE: CVE-2001-0047
BID: 2065
MSFT: MS00-095