Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Windows >> SMB Registry : permissions of the RAS key


Vulnerability Assessment Details

SMB Registry : permissions of the RAS key

Vulnerability Assessment Summary
Acertains the access rights of a remote key

Detailed Explanation for this Vulnerability Assessment

Summary :

Local users can gain additinal rights.

Description :

This script checks whether the following key can be modified
by non admins :

HKLM\Software\Microsoft\Windows\RAS

Write access to this key permits an unprivileged user to gain
additional rights.

See also :

http://www.microsoft.com/technet/security/bulletin/ms00-095.mspx

Solution :

Use regedt32 and set the permissions of this key to :

- admin group : Full Control
- system : Full Control
- everyone : Read

Network Security Threat Level:

Medium / CVSS Base Score : 5
(AV:L/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID: 2064

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors


IBM 8284-22A S822 Dual Power8 Cpu 512Gb (16x 32Gb) RAM  picture

IBM 8284-22A S822 Dual Power8 Cpu 512Gb (16x 32Gb) RAM

$795.00



IBM Lenovo X3650 M5 2U 8x 2.5” CTO Rack Server – 2x HS, 2x 750W picture

IBM Lenovo X3650 M5 2U 8x 2.5” CTO Rack Server – 2x HS, 2x 750W

$199.00



IBM CS821 20-Core 2.827GHz 128Gb 1.92Tb SSD 1U Linux Server - 8005-12N Power 8 picture

IBM CS821 20-Core 2.827GHz 128Gb 1.92Tb SSD 1U Linux Server - 8005-12N Power 8

$599.95



IBM System x3650 (7945AC1) Server up to 288GB Ram over 10TB of storage picture

IBM System x3650 (7945AC1) Server up to 288GB Ram over 10TB of storage

$450.00



ibm server z series picture

ibm server z series

$16000.00



IBM | X3550 M4 | 2x E5-2650 @ 2.0GHz | 32Gb DDR3 | 2x 2TB 3.5 SATA HDD | w/Rails picture

IBM | X3550 M4 | 2x E5-2650 @ 2.0GHz | 32Gb DDR3 | 2x 2TB 3.5 SATA HDD | w/Rails

$175.00



IBM SR2300 Intel Xeon 3.2GHz Server w/2GB/CDROM/2xPS Delta WORKING  picture

IBM SR2300 Intel Xeon 3.2GHz Server w/2GB/CDROM/2xPS Delta WORKING

$33.95



IBM SYSTEM X3500 M3 SERVER 7380AC1 2*XEON E5620 2.4GHz 8GB SEE NOTES picture

IBM SYSTEM X3500 M3 SERVER 7380AC1 2*XEON E5620 2.4GHz 8GB SEE NOTES

$36.91



IBM 8203 E4A p520 Server 8203-E4A 4.2GHz 2-Core POWER6 32GB RAM / NO HDD USED picture

IBM 8203 E4A p520 Server 8203-E4A 4.2GHz 2-Core POWER6 32GB RAM / NO HDD USED

$149.99



IBM Server System X3100 M4 | Xeon @ 3.10 Ghz | 8GB | 250GB HDD No OS (IG-PC26) picture

IBM Server System X3100 M4 | Xeon @ 3.10 Ghz | 8GB | 250GB HDD No OS (IG-PC26)

$112.95



Discussions

No Discussions have been posted on this vulnerability.