9

CVE-2008-1436

EPSS 62.97%
Published 21.04.2008 17:05:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.

Affected products Warnungen 0 Metrics 2 CWE 0 References 23

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows-nt Versionvista Updatesp1 Editionx64

Microsoft ≫ Windows-nt Versionvista Updatesp2

Microsoft ≫ Windows-nt Versionvista Updatesp2 Editionx64

Microsoft ≫ Windows Server 2003

Microsoft ≫ Windows Server 2003 Updatesp1

Microsoft ≫ Windows Server 2003 Updatesp1 Editionitanium

Microsoft ≫ Windows Server 2003 Updatesp2

Microsoft ≫ Windows Server 2008 Editionitanium

Microsoft ≫ Windows Server 2008 Editionx32

Microsoft ≫ Windows Server 2008 Editionx64

Microsoft ≫ Windows Vista Editionx64

Microsoft ≫ Windows Vista Version- Updatesp1

Microsoft ≫ Windows Xp Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	62.97%	0.983

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

http://blogs.technet.com/msrc/archive/2008/04/17/msrc-blog-microsoft-security-advisory-951306.aspx

http://isc.sans.org/diary.html?storyid=4306

http://milw0rm.com/sploits/2008-Churrasco.zip

http://nomoreroot.blogspot.com/2008/10/windows-2003-poc-exploit-for-token.html

http://secunia.com/advisories/29867

Vendor Advisory

http://securitywatch.eweek.com/flaws/microsoft_belatedly_admits_to_windows_server_2008_token_kidnapping.html

http://www.argeniss.com/research/Churrasco.zip

http://www.argeniss.com/research/TokenKidnapping.pdf

http://www.microsoft.com/technet/security/advisory/951306.mspx

http://www.securityfocus.com/archive/1/491111/100/0/threaded

http://www.securityfocus.com/archive/1/497168/100/0/threaded

http://www.securityfocus.com/bid/28833

http://www.securitytracker.com/id?1019904

http://www.us-cert.gov/cas/techalerts/TA09-104A.html

US Government Resource

http://www.vupen.com/english/advisories/2008/1264/references

Vendor Advisory

http://www.vupen.com/english/advisories/2009/1026

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012

https://exchange.xforce.ibmcloud.com/vulnerabilities/41880

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5891

https://www.exploit-db.com/exploits/6705

https://nvd.nist.gov/vuln/detail/CVE-2008-1436

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1436

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1436

EUVD