CVE-2002-0018

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-0018
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.securityfocus.com/bid/3997
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
https://exchange.xforce.ibmcloud.com/vulnerabilities/8023
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64
http://www.securityfocus.com/bid/3997
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
https://exchange.xforce.ibmcloud.com/vulnerabilities/8023
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:38

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/3997 - () http://www.securityfocus.com/bid/3997 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/8023 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/8023 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64 -
Information

Published : 2002-03-08 05:00

Updated : 2024-11-20 23:38

NVD link : CVE-2002-0018

Mitre link : CVE-2002-0018

CVE.ORG link : CVE-2002-0018

JSON object : View

Products Affected

microsoft

  • windows_2000
  • windows_nt
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024