Category:   OS (Microsoft)  >   Windows Client-Server Run-time Subsystem
Vendors:   Microsoft
Windows Client-Server Run-time Subsystem Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1025045
SecurityTracker URL:
CVE Reference:   CVE-2011-0030
Date:  Feb 9 2011
Impact:   Disclosure of authentication information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): XP SP3, 2003 SP2; and prior service packs
Description:   A vulnerability was reported in the Windows Client-Server Run-time Subsystem (CSRSS). A local user can obtain elevated privileges on the target system.

A local user can execute code to monitor the actions of a target user that subsequently logs into the system.

Sihan Qing (Professor), Weiping Wen (Associate Professor), Liang Yi and Husheng Zhou (Graduate students), Department of Information Security, Beijing University, reported this vulnerability.

Impact:   A local user can monitor the actions of a target user to obtain information, potentially including authentication credentials.
Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

Windows XP Professional x64 Edition Service Pack 2:

Windows Server 2003 Service Pack 2:

Windows Server 2003 x64 Edition Service Pack 2:

Windows Server 2003 with SP2 for Itanium-based Systems:

A restart is required.

The Microsoft advisory is available at:

Vendor URL:
Cause:   Access control error

Message History:   None.
