Microsoft IIS 4.0, 5.0, and 5.1 has a vulnerability in dllhost.exe which allows local users to gain SYSTEM privilege. This vulnerability arises from the fact that the process of dllhost.exe harbors an impersonation token of SYSTEM account while processing user's request.
59f0eed38e0b61e096b9411bafd55ca8111563286a592ed9bc74f3da943e5263