Vigil@nce - Windows: privilege escalation via NETLOGON
March 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use the NETLOGON service of Windows, in order to
escalate his privileges.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2,
Microsoft Windows 2012
Severity: 2/4
Creation date: 10/03/2015
DESCRIPTION OF THE VULNERABILITY
The NETLOGON service of Windows authenticates users on the domain.
However, an attacker who is authenticated on the domain, and who
can capture network packets, can spoof the identity of another
computer.
An attacker can therefore use the NETLOGON service of Windows, in
order to escalate his privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-privilege-escalation-via-NETLOGON-16371