Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Windows >> SMB Registry : permissions of the RAS key

Vulnerability Assessment Details

SMB Registry : permissions of the RAS key
Vulnerability Assessment Summary
Acertains the access rights of a remote key

Detailed Explanation for this Vulnerability Assessment

Summary :

Local users can gain additinal rights.

Description :

This script checks whether the following key can be modified
by non admins :

HKLM\Software\Microsoft\Windows\RAS

Write access to this key permits an unprivileged user to gain
additional rights.

See also :

http://www.microsoft.com/technet/security/bulletin/ms00-095.mspx

Solution :

Use regedt32 and set the permissions of this key to :

- admin group : Full Control
- system : Full Control
- everyone : Read

Network Security Threat Level:

Medium / CVSS Base Score : 5
(AV:L/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID: 2064

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security
Cables, Connectors


Seagate Exos 7E10 ST2000NM000B 2TB 7200RPM SATA 6.0Gb/s 3.5

Seagate Exos 7E10 ST2000NM000B 2TB 7200RPM SATA 6.0Gb/s 3.5" Internal Hard Drive

$29.99


HGST Ultrastar HE10 HUH721010ALE600 10TB SATA 6Gb/s 7200RPM 3.5

HGST Ultrastar HE10 HUH721010ALE600 10TB SATA 6Gb/s 7200RPM 3.5" Enterprise HDD

$69.99


Western Digital 4TB WD Purple Surveillance HDD, Internal Hard Drive - WD43PURZ picture

Western Digital 4TB WD Purple Surveillance HDD, Internal Hard Drive - WD43PURZ

$96.99


WF12F DELL 1TB 7.2K 6GBPS SATA 2.5'' HDD HARD DRIVE ST91000640NS 0WF12F picture

WF12F DELL 1TB 7.2K 6GBPS SATA 2.5'' HDD HARD DRIVE ST91000640NS 0WF12F

$25.00


HGST Ultrastar DC HC520 12TB SATA 6Gb 256MB 3.5

HGST Ultrastar DC HC520 12TB SATA 6Gb 256MB 3.5" Enterprise HDD- HUH721212ALE601

$89.99


HGST HUS724040ALS640 4TB 7200RPM 64MB Cache 6Gbps SAS 3.5

HGST HUS724040ALS640 4TB 7200RPM 64MB Cache 6Gbps SAS 3.5" Hard Drive HDD SERVER

$19.99


2TB 3.5

2TB 3.5" HDD Sata Mixed Brands hard drive Tested Formatted

$18.99


2 PACK Seagate ST1000LM035 Mobile HDD 1TB 2.5

2 PACK Seagate ST1000LM035 Mobile HDD 1TB 2.5" SATA III Laptop Hard Drive

$26.89


WD 16TB Elements Desktop, Certified Refurbished Hard Drive - RWDBWLG0160HBK-NESN picture

WD 16TB Elements Desktop, Certified Refurbished Hard Drive - RWDBWLG0160HBK-NESN

$209.99


Seagate Exos X22 ST22000NM001E 22TB 512E SATA 6Gb/s 3.5

Seagate Exos X22 ST22000NM001E 22TB 512E SATA 6Gb/s 3.5" Enterprise Hard Drive

$311.99


Discussions

No Discussions have been posted on this vulnerability.