Immunity, Inc.
Name ms10_059
CVE CVE-2010-2554
Exploit Pack CANVAS
CVE Name: CVE-2010-2554
VENDOR: Microsoft
This exploit gain SYSTEM from NETWORK_SERVICE or DefaultAppPool user by duplicating
a handle obtained from a tracing feature for services by writing on a key registry
with low access protection.

This is a port of Cesar Cerrudo's Chimichurri Token kidnapping for fitting in MOSDEF.

Should work on Windows 2008 and 7 without patch ms10_059 aka KB982799.

MSADV: MS10-059
Date Public: 08/10/2010
CVE Url:
CVSS: 6.8

Learn more about the CANVAS Exploit Pack here: CANVAS