CVE-2004-2730

medium Microsoft
CVSS v3 Base Score
4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
0.9%
Exploitation probability in 30 days
Top 24% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: December 31, 2004 (7804 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

CWE

CWE-264

Affected Products

microsoft psexecmicrosoft psgetsidmicrosoft psinfomicrosoft pskillmicrosoft pslistmicrosoft psloglistmicrosoft pspasswdmicrosoft psservicemicrosoft psshutdownmicrosoft pssuspend

References

🔗 secunia.com 🔗 securitytracker.com 🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 www3.ca.com