Vulnerability Note VU#768440
Microsoft Windows Services for UNIX privilege escalation vulnerability
Microsoft Windows Services for UNIX contains a vulnerability that may allow a local, authenticated attacker to gain elevated privileges.
Windows Services for UNIX fails to properly handle setuid binary files. An attacker may be able to trigger this vulnerability by running a specially crafted setuid binary file.
For more information, please see Microsoft Security Bulletin MS07-053.
A local, authenticated attacker may be able to gain elevated privileges on a vulnerable system.
Microsoft has released updates in Microsoft Security Bulletin MS07-053 to address this issue.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||12 Sep 2007|
CVSS Metrics (Learn More)
This vulnerability was reported in Microsoft Security Bulletin MS07-053. Microsoft thanks Brian Reiter of WolfeReiter for reporting the vulnerability to them.
This document was written by Katie Steiner.
- CVE IDs: CVE-2007-3036
- Date Public: 11 Sep 2007
- Date First Published: 12 Sep 2007
- Date Last Updated: 12 Sep 2007
- Severity Metric: 0.37
- Document Revision: 10
If you have feedback, comments, or additional information about this vulnerability, please send us email.