Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-0367 | First vendor Publication | 2002-06-25 |
| Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0367 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-77 | Manipulating User-Controlled Variables |
| CAPEC-274 | HTTP Verb Tampering |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:158 | |||
| Oval ID: | oval:org.mitre.oval:def:158 | ||
| Title: | Windows NT Process Handle Duplication Privilege Escalation | ||
| Description: | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-0367 | Version: | 1 |
| Platform(s): | Microsoft Windows NT | Product(s): | Windows NT 4.0 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:76 | |||
| Oval ID: | oval:org.mitre.oval:def:76 | ||
| Title: | Windows 2000 Process Handle Duplication Privilege Escalation | ||
| Description: | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-0367 | Version: | 6 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 | |
| Os | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2005-11-03 | Name : Windows Debugger flaw can Lead to Elevated Privileges (Q320206) File : nvt/smb_nt_ms02-024.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 788 | Microsoft Windows smss.exe Handle Duplication Local Privilege Escalation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2002-05-23 | Name : A local user can elevate his privileges. File : smb_nt_ms02-024.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:01:39 |
|
| 2021-04-22 01:01:47 |
|
| 2020-05-23 00:14:57 |
|
| 2018-10-13 00:22:25 |
|
| 2017-10-10 09:23:24 |
|
| 2016-10-18 12:01:00 |
|
| 2016-04-26 12:08:26 |
|
| 2014-02-17 10:24:36 |
|
| 2013-05-11 12:09:09 |
|
