KLA10264 LPE vulnerability in PsTools

An improper disconnection was found in PsTools. By exploiting this vulnerability malicious users can gain privileged access to shares. This vulnerability can be exploited locally.

Original advisories

Related products

Microsoft-PsSuspend

Microsoft-PsExec

Microsoft-PsInfo

Microsoft-PsGetSid

Microsoft-PsKill

Microsoft-PsList

Microsoft-PsLogList

Microsoft-PsPasswd

Microsoft-PsService

Microsoft-PsShutdown

CVE list

CVE-2004-2730 warning

Solution

Update to latest version

Impacts

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Microsoft Sysinternals PsTools versions 2.04 and earlierMicrosoft Sysinternals PsExec before 1.53 and earlierMicrosoft Sysinternals PsGetsid before 1.40 and earlierMicrosoft Sysinternals PsInfo before 1.60 and earlierMicrosoft Sysinternals PsKill before 1.02 and earlierMicrosoft Sysinternals PsList before 1.25 and earlierMicrosoft Sysinternals PsLoglist before 2.50 and earlierMicrosoft Sysinternals PsPasswd before 1.20 and earlierMicrosoft Sysinternals PsService before 2.11 and earlierMicrosoft Sysinternals PsSuspend before 1.04 and earlierMicrosoft Sysinternals PsShutdown before 2.31 and earlier