ID CVE-2004-0893
Summary The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:standard:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:standard:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
CVSS
Base: 7.2 (as of 30-04-2019 - 14:27)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2008-03-24T04:00:12.876-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Jonathan Baker
      organization The MITRE Corporation
    definition_extensions
    comment Microsoft Windows NT is installed
    oval oval:org.mitre.oval:def:36
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:1321
    status accepted
    submitted 2004-12-16T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (NT 4.0)
    version 69
  • accepted 2011-05-16T04:01:19.923-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Andrew Buttner
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:1561
    status accepted
    submitted 2004-12-16T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (Windows 2000)
    version 69
  • accepted 2005-02-23T09:25:00.000-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:1581
    status deprecated
    submitted 2005-01-05T12:00:00.000-04:00
    title Suppressed Test OVAL1581 (Identical to OVAL4458)
    version 63
  • accepted 2011-05-16T04:02:00.070-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:1886
    status accepted
    submitted 2005-01-05T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP1)
    version 68
  • accepted 2011-05-16T04:02:17.381-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:2008
    status accepted
    submitted 2005-01-05T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (64-bit XP)
    version 68
  • accepted 2008-03-24T04:00:33.323-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Jonathan Baker
      organization The MITRE Corporation
    definition_extensions
    comment Microsoft Windows NT is installed
    oval oval:org.mitre.oval:def:36
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:4021
    status accepted
    submitted 2004-12-16T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (NT Terminal Server)
    version 68
  • accepted 2005-02-23T09:25:00.000-04:00
    class vulnerability
    contributors
    name Christine Walzer
    organization The MITRE Corporation
    description The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:4458
    status accepted
    submitted 2005-01-05T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (Server 2003)
    version 64
  • accepted 2011-05-16T04:03:00.570-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description gain privileges, aka "Windows Kernel Vulnerability."
    family windows
    id oval:org.mitre.oval:def:450
    status accepted
    submitted 2004-12-21T12:00:00.000-04:00
    title Windows Kernel LPC Privilege Escalation Vulnerability (32-bit XP,SP2)
    version 68
refmap via4
ms MS04-044
xf win-kernel-lpc-gain-privileges(18339)
Last major update 30-04-2019 - 14:27
Published 10-01-2005 - 05:00
Back to Top