| Name | ms10_059 |
| CVE | CVE-2010-2554 |
| Exploit Pack | CANVAS |
| Description | ms10_059 |
| Notes | References: http://www.microsoft.com/technet/security/bulletin/MS10-059.mspx CVE Name: CVE-2010-2554 VENDOR: Microsoft Notes: This exploit gain SYSTEM from NETWORK_SERVICE or DefaultAppPool user by duplicating a handle obtained from a tracing feature for services by writing on a key registry with low access protection. This is a port of Cesar Cerrudo's Chimichurri Token kidnapping for fitting in MOSDEF. Should work on Windows 2008 and 7 without patch ms10_059 aka KB982799. MSADV: MS10-059 Date Public: 08/10/2010 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2554 CVSS: 6.8 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |