[VIM] Stuxnet - little more clarification on one of two CVEs
security curmudgeon
jericho at attrition.org
Wed Nov 24 01:21:19 CST 2010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3888
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows
local users to gain privileges via unknown vectors, as exploited in the
wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab
researchers and other researchers.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3889
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows
local users to gain privileges via unknown vectors, as exploited in the
wild in July 2010 by the Stuxnet worm, and identified by Microsoft
researchers and other researchers.
--
This article points out exploit code has been written for one of the two
local privilege escalation vulns:
http://www.net-security.org/secworld.php?id=10202
The exploit:
http://www.exploit-db.com/exploits/15589/
This is a vulnerability in the Windows Task Scheduler. I have not seen any
information to refute the claim that this is one of the Stuxnet vulns. For
now, OSVDB will be updating 68518 (tied to 2010-3888) to reference this.
We are picking 3888 as it is the lower number and 'first' one, no other
reason.
More information about the VIM
mailing list