Oval Definition:
oval:org.mitre.oval:def:2062
Revision Date
:
2011-05-16
Version
:
45
Title
:
LSASS Privilege Escalation Vulnerability (64-bit XP, SP1)
Description
:
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2004-0894
Platform(s)
:
Microsoft Windows XP
Product(s)
:
Local Security Authority Subsystem Service (LSASS)
Definition Synopsis
Windows XP 64-bit with Service Pack 1
Windows XP is installed
AND
a version of Windows for the ia64 architecture is installed
AND
Win2K/XP/2003/Vista service pack 1 is installed
AND
the version of lsasrv.dll is less than 5.1.2600.1597
AND
NOT
the patch kb885835is installed (Hotfix key)
BACK