Reported February 7, 2001, by BindView RAZOR Team.

VERSIONS AFFECTED
  • Microsoft Windows NT 4.0

DESCRIPTION

A local promotion vulnerability has been discovered in NT 4.0, all versions including Service Pack 6a (SP6a). A flaw in the way the NT LAN Manager (NTLM) Security Support Provider handles client requests can let a malicious user run a program as a privileged user.

VENDOR RESPONSE

Microsoft has released a security bulletin, MS01-008.

 

The original RAZOR advisory is available at:

 

http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html

CREDIT
Discovered by
BindView RAZOR Team.