• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows 2000 Telnet Privilege Escalation Vulnerability

A vulnerability exists in the way Windows 2000 telnet service handles server-side named pipes and the predictable names used for the pipes.

The predictability of server-side named pipes enables any local user with privileges to execute a program to create a server-side named pipe and assume the security context of the system service. By running the telnet service after arbitrary code has been attached to the appropriate named pipe, the code will be run in the Local System context as part of the initialization process.