CVE-2001-0860

Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*

History

20 Nov 2024, 23:36

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=100578220002083&w=2 - () http://marc.info/?l=bugtraq&m=100578220002083&w=2 -
References () http://www.securityfocus.com/bid/3541 - () http://www.securityfocus.com/bid/3541 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/7538 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/7538 -

Information

Published : 2001-12-06 05:00

Updated : 2024-11-20 23:36


NVD link : CVE-2001-0860

Mitre link : CVE-2001-0860

CVE.ORG link : CVE-2001-0860


JSON object : View

Products Affected

microsoft

  • windows_xp
  • windows_2000