===================================================================== CERT-Renater Note d'Information No. 2013/VULN546 _____________________________________________________________________ DATE : 11/12/2013 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows version XP, Server 2003. ====================================================================== KB2898715 https://technet.microsoft.com/en-us/security/bulletin/ms13-102 ______________________________________________________________________ Microsoft Security Bulletin MS13-102 - Important Vulnerability in LPC Client or LPC Server Could Allow Elevation of Privilege (2898715) Published Date: December 10, 2013 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted LPC port message to any LPC consumer or server. An attacker who successfully exploited the vulnerability could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. For more information, see the subsection, Affected and Non-Affected Software, in this section. Affected Software Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Vulnerability Information LPC Client/Server Buffer Overrun Vulnerability - CVE-2013-3878 An elevation of privilege vulnerability exists in Microsoft Local Procedure Call (LPC) where an attacker uses a specially crafted LPC port message to cause a stack-based buffer overflow condition on either the LPC client or LPC server. This could occur in vulnerable LRPC or ALPC consumers. An attacker who successfully exploited this vulnerability could then install programs; view, change, or delete data; or create new accounts with full administrator rights. ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================