Skip to main content

Microsoft Windows Remote Access Service NDISTAPI Elevation of Privilege Vulnerability

Last Update Date: 10 Aug 2011 11:56 Release Date: 10 Aug 2011 6191 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An elevation of privilege vulnerability exists in the Remote Access Service NDISTAPI driver. The vulnerability is caused when the NDISTAPI driver improperly validates user-supplied input when passing data from user mode to the Windows kernel. A local attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


Impact

  • Elevation of Privilege

System / Technologies affected

  • Windows XP
  • Windows Server 2003

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link