===================================================================== CERT-Renater Note d'Information No. 2004/VULN312 _____________________________________________________________________ DATE : 21/07/2004 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows NT 4.0, 2000. ====================================================================== MS04-020 Title: Vulnerability in POSIX Could Allow Code Execution (841872) Affected Software: - Microsoft Windows NT Workstation 4.0 Service Pack 6a - Microsoft Windows NT Server 4.0 Service Pack 6a - Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 - Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4 Impact of Vulnerability: Local Elevation of Privilege Maximum Severity Rating: Important Restart required: In some cases, this update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason or if required files are in use, this update will require a restart. If this occurs, a message appears that advises you to restart. Update can be uninstalled: Yes More information on this vulnerability is available at: http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx ********************************************************************** ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================