Published: 15/09/2010 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 951

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote malicious users to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2008
microsoft windows server 2008 r2
microsoft windows server 2008 -
microsoft windows xp -
microsoft windows 7 -
microsoft windows vista -
microsoft windows xp
microsoft windows vista
microsoft windows server 2003

## # $Id: ms10_061_spoolssrb 11766 2011-02-17 19:22:11Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' requi ...

Tests whether target machines are vulnerable to ms10-061 Printer Spooler impersonation vulnerability.

nmap  -p 445 <target> --script=smb-vuln-ms10-061

PORT    STATE SERVICE      REASON
445/tcp open  microsoft-ds syn-ack

PrintDemon is a vulnerability that uses the Windows Printer Spooler to escalate privileges.

PrintDemon (CVE-2020-1048) PrintDemon is a vulnerability that uses the Windows Printer Spooler to escalate privileges, bypass Endpoint Detection & Response (EDR), and gain persistence The Windows Printer Spooler has a long history of vulnerabilities including a vulnerability (CVE-2010-2729) used by the well-known Malware called Stuxnet back in 2010 A printer must be a

PrintDemon is a vulnerability that uses the Windows Printer Spooler to escalate privileges.

PrintDemon (CVE-2020-1048) PrintDemon is a vulnerability that uses the Windows Printer Spooler to escalate privileges, bypass Endpoint Detection & Response (EDR), and gain persistence The Windows Printer Spooler has a long history of vulnerabilities including a vulnerability (CVE-2010-2729) used by the well-known Malware called Stuxnet back in 2010 A printer must be a

Kaspersky Security Bulletin 2010. Statistics, 2010

Securelist • Alexander Gostev Yury Namestnikov • 17 Feb 2011

This section of the report forms part of Kaspersky Security Bulletin 2010 and is based on data obtained and processed using the Kaspersky Security Network (KSN). KSN integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important innovations. KSN assists Kaspersky Lab’s experts to swiftly detect new malware in real-time, when no corresponding signature or heuristic detection exists for these threats. KSN helps identify sources of malware ...

CVE-2010-2729

Vulnerability Summary

Vulnerability Trend

Exploits

Nmap Scripts

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect