MS06-011: Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)
Medium Nessus Plugin ID 21077
SynopsisLocal users may be able to elevate their privileges on the remote host.
DescriptionThe remote version of Windows contains services whose permissions are set to such a way that low-privileged local users may be able to change properties associated to each service and therefore manage to elevate their privileges.
To exploit this flaw, an attacker would need credentials to log into the remote host.
SolutionMicrosoft has released a set of patches for Windows XP and 2003.