MS08-005: Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
Medium Nessus Plugin ID 31039
SynopsisA local user can elevate his privileges on the remote host.
DescriptionThe remote host contains a version of Microsoft Internet Information Services (IIS) that is vulnerable to a security flaw that could allow a local user to elevate his privileges to SYSTEM due to a bug in the way IIS handles file change notifications in the FTPRoot, NNTPFile\Root and WWWRoot folders.
SolutionMicrosoft has released a set of patches for Windows 2000, Windows XP, Windows 2003 Server and Windows Vista.