A vulnerability has been discovered in Network Connection Manager (NCM) that may enable users with interactive access to an affected host to gain elevated privileges. NCM calls a handler routine whenever a network connection is established with the Windows 2000 host system. A flaw in NCM may allow local, unprivileged users to configure the handler routine that is called for new connections. The affected handler routine is intended to run with the same privileges as the local user, but may instead run in the LocalSystem context, which is the same context that NCM runs in. Local attackers may provide a custom handler routine which, when invoked via the creation of a new connection through NCM, will execute with full system privileges.