### [CVE-2008-1436](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1436)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.

### POC

#### Reference
- http://isc.sans.org/diary.html?storyid=4306
- http://nomoreroot.blogspot.com/2008/10/windows-2003-poc-exploit-for-token.html
- https://www.exploit-db.com/exploits/6705

#### Github
No PoCs found on GitHub currently.