MS06-011: Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)

Medium Nessus Plugin ID 21077


Local users may be able to elevate their privileges on the remote host.


The remote version of Windows contains services whose permissions are set to such a way that low-privileged local users may be able to change properties associated to each service and therefore manage to elevate their privileges.

To exploit this flaw, an attacker would need credentials to log into the remote host.


Microsoft has released a set of patches for Windows XP and 2003.

See Also

Plugin Details

Severity: Medium

ID: 21077

File Name: smb_nt_ms06-011.nasl

Version: $Revision: 1.24 $

Type: local

Agent: windows

Published: 2006/03/14

Modified: 2017/08/10

Dependencies: 13855, 57033

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/03/14

Vulnerability Publication Date: 2006/01/31

Reference Information

CVE: CVE-2006-0023

BID: 16484

OSVDB: 23044, 23045, 23046, 23047

CERT: 953860

MSFT: MS06-011

MSKB: 914798