Hi All,
This may be little off the track but definitely it has got everything to
do with security. Can anyone throw some more light on the bug reported
in windows2000 on may 25th 2001 , mentioned below
---------------------
MS Windows 2000 Debug Register Privilege Escalation Vulnerability
A vulnerability exists in the handling of debug registers in Windows
2000.
It is possible for unprivileged processes to create breakpoints for
arbitrary processes. This can be used to 'kill' arbitrary processes
without administrative privileges.
Since it is possible for an unprivileged process to terminate arbitrary
processes, depending on the programs involved, this vulnerability could
be used to leverage other attacks. Including a denial of service or
elevating privileges by 'impersonating' a trusted named pipe.
Microsoft says this can be corrected using win2k sp2,
--------------
But Sp2 itself is not stable........
I just wish to know the severity of this issue.
TIA
Madhur
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
