Vulnerability Description
Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Psexec | <= 1.53 |
| Microsoft | Psgetsid | <= 1.40 |
| Microsoft | Psinfo | <= 1.60 |
| Microsoft | Pskill | <= 1.02 |
| Microsoft | Pslist | <= 1.25 |
| Microsoft | Psloglist | <= 2.50 |
| Microsoft | Pspasswd | <= 1.20 |
| Microsoft | Psservice | <= 2.11 |
| Microsoft | Psshutdown | <= 2.31 |
| Microsoft | Pssuspend | <= 1.04 |
| Microsoft | Sysinternals Pstools | <= 2.04 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/12108 (Vendor Advisory)
- http://securitytracker.com/id?1010737
- http://www.osvdb.org/8140
- http://www.securityfocus.com/bid/10759 (Patch)
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16743
FAQ
What is CVE-2004-2730?
CVE-2004-2730 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsP...
How severe is CVE-2004-2730?
CVE-2004-2730 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2730?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Psexec, Microsoft Psgetsid, Microsoft Psinfo, Microsoft Pskill, Microsoft Pslist.