7.2
CVSSv2

CVE-2015-2370

Published: 14/07/2015 Updated: 08/05/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."

Exploits

Source: githubcom/monoxgas/Trebuchet Trebuchet MS15-076 (CVE-2015-2370) Privilege Escalation Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory Usage: trebuchetexe C:\Users\Bob\Eviltxt C:\Windows\System32\Evildll This is a lightly modified Proof of Concept by James Forshaw wit ...

Github Repositories

Trebuchet #####MS15-076 (CVE-2015-2370) Privilege Escalation ######Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory Usage: trebuchetexe C:\Users\Bob\Eviltxt C:\Windows\System32\Evildll This is a lightly modified Proof of Concept by James Forshaw with Google, found here: codegooglecom/p/google-security-resear

Recent Articles

Miscreants tripled output of proof of concept exploits in 2015
The Register • John Leyden • 05 May 2016

Pastebin is for old hats. Cool black hats use Twitter now

Hackers collectively tripled the production of Proof-of-Concept exploits last year, according to a new study out on Thursday.
Researchers and black hats develop proof-of-concept (PoC) exploits for research or demonstration purposes.
These PoCs are developed for a various reasons – to demonstrate that software is vulnerable, force a company to develop a critical patch, showcase skills, or, in the most malicious cases, claim ownership of a working exploit that can run on real-world t...

Microsoft Security Updates July 2015
Securelist • Kurt Baumgartner • 14 Jul 2015

Microsoft releases a long list of updates to multiple technologies today with 14 Security Bulletins (MS15-058, MS15-065 – MS15-077) patching 58 vulnerabilities, and at least 47 of them reported through a a responsible disclosure channel. Meanwhile, several are being used and detected ITW as a part of limited targeted attacks, like the Microsoft Office RCE cve-2015-2424, ATMFD.DLL EoP cve-2015-2387, and the Internet Explorer JScript9 RCE cve-2015-2419. Some were the result of breach leaks as ...