Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.
References
Configurations
History
20 Nov 2024, 23:35
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/587587 - US Government Resource | |
References | () http://www.securityfocus.com/bid/2849 - | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/6664 - |
Information
Published : 2001-07-21 04:00
Updated : 2024-11-20 23:35
NVD link : CVE-2001-0349
Mitre link : CVE-2001-0349
CVE.ORG link : CVE-2001-0349
JSON object : View
Products Affected
microsoft
- windows_2000
CWE