CVE Vulnerabilities

CVE-2004-2730

Published: Dec 31, 2004 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

Affected Software

Name Vendor Start Version End Version
Psexec Microsoft * 1.53
Psgetsid Microsoft * 1.40
Psinfo Microsoft * 1.60
Pskill Microsoft * 1.02
Pslist Microsoft * 1.25
Psloglist Microsoft * 2.50
Pspasswd Microsoft * 1.20
Psservice Microsoft * 2.11
Psshutdown Microsoft * 2.31
Pssuspend Microsoft * 1.04
Sysinternals_pstools Microsoft * 2.04

References