4.6

CVE-2004-2730

EPSS 0.92%
Published 31.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Psexec Version <= 1.53

Microsoft ≫ Psgetsid Version <= 1.40

Microsoft ≫ Psinfo Version <= 1.60

Microsoft ≫ Pskill Version <= 1.02

Microsoft ≫ Pslist Version <= 1.25

Microsoft ≫ Psloglist Version <= 2.50

Microsoft ≫ Pspasswd Version <= 1.20

Microsoft ≫ Psservice Version <= 2.11

Microsoft ≫ Psshutdown Version <= 2.31

Microsoft ≫ Pssuspend Version <= 1.04

Microsoft ≫ Sysinternals Pstools Version <= 2.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.92%	0.738

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/12108

Vendor Advisory

http://securitytracker.com/id?1010737

http://www.osvdb.org/8140

http://www.securityfocus.com/bid/10759

Patch

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304

https://exchange.xforce.ibmcloud.com/vulnerabilities/16743

https://nvd.nist.gov/vuln/detail/CVE-2004-2730

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-2730

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-2730

EUVD