4.6

CVE-2004-2730

EPSS 0.92%
Veröffentlicht 31.12.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Psexec Version <= 1.53

Microsoft ≫ Psgetsid Version <= 1.40

Microsoft ≫ Psinfo Version <= 1.60

Microsoft ≫ Pskill Version <= 1.02

Microsoft ≫ Pslist Version <= 1.25

Microsoft ≫ Psloglist Version <= 2.50

Microsoft ≫ Pspasswd Version <= 1.20

Microsoft ≫ Psservice Version <= 2.11

Microsoft ≫ Psshutdown Version <= 2.31

Microsoft ≫ Pssuspend Version <= 1.04

Microsoft ≫ Sysinternals Pstools Version <= 2.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.92%	0.738

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/12108

Vendor Advisory

http://securitytracker.com/id?1010737

http://www.osvdb.org/8140

http://www.securityfocus.com/bid/10759

Patch

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304

https://exchange.xforce.ibmcloud.com/vulnerabilities/16743

https://nvd.nist.gov/vuln/detail/CVE-2004-2730

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-2730

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-2730

EUVD