OVAL Reference oval:org.mitre.oval:def:3325

Oval Definition:

oval:org.mitre.oval:def:3325

Revision Date:	2011-05-16	Version:	45
Title:	LSASS Privilege Escalation Vulnerability (32-bit XP, SP1)
Description:	LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0894
Platform(s):	Microsoft Windows XP	Product(s):	Local Security Authority Subsystem Service (LSASS)
Definition Synopsis
Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003/Vista service pack 1 is installed AND the version of lsasrv.dll is less than 5.1.2600.1597 AND NOT the patch kb885835is installed (Hotfix key)