Vigil@nce: Windows Server 2008 R2, altering cluster data
October 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
When a disk cluster is used, a local attacker can alter data
located in the administrative share.
– Severity: 2/4
– Creation date: 13/10/2010
DESCRIPTION OF THE VULNERABILITY
The MSCS (Microsoft Cluster Service) service manages a cluster of
hard drives.
The Failover Cluster Manager tool adds a disk to a cluster.
However, during the operation, permissions on the administrative
share allow everyone to read/execute/delete.
When a disk cluster is used, a local attacker can therefore alter
data located in the administrative share.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-Server-2008-R2-altering-cluster-data-10032