CVE-2001-1238

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.
References
Link Resource
http://www.securityfocus.com/archive/1/197195 Broken Link Third Party Advisory VDB Entry Vendor Advisory
http://www.securityfocus.com/bid/3033 Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/197195 Broken Link Third Party Advisory VDB Entry Vendor Advisory
http://www.securityfocus.com/bid/3033 Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:37

Type Values Removed Values Added
References () http://www.securityfocus.com/archive/1/197195 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/archive/1/197195 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
References () http://www.securityfocus.com/bid/3033 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/3033 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 - Third Party Advisory, VDB Entry

02 Feb 2024, 02:11

Type Values Removed Values Added
CPE cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
References (BUGTRAQ) http://www.securityfocus.com/archive/1/197195 - Vendor Advisory (BUGTRAQ) http://www.securityfocus.com/archive/1/197195 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
References (BID) http://www.securityfocus.com/bid/3033 - Patch, Vendor Advisory (BID) http://www.securityfocus.com/bid/3033 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/6919 - Third Party Advisory, VDB Entry
CVSS v2 : 4.6
v3 : unknown
v2 : 4.6
v3 : 7.8
CWE NVD-CWE-Other CWE-178

Information

Published : 2001-07-16 04:00

Updated : 2024-11-20 23:37


NVD link : CVE-2001-1238

Mitre link : CVE-2001-1238

CVE.ORG link : CVE-2001-1238


JSON object : View

Products Affected

microsoft

  • windows_2000
CWE
CWE-178

Improper Handling of Case Sensitivity