Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MS01-031 | First vendor Publication | N/A |
| Vendor | Microsoft | Last vendor Modification | N/A |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Predictable Named Pipes Could Enable Privilege Elevation via Telnet |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 13475 | Microsoft Windows 2000 Telnet Service Predictable Named Pipe Arbitrary Comman... |
| 13474 | Microsoft Windows 2000 Telnet Service Predictable Named Pipe Arbitrary Comman... |
| 5686 | Microsoft Windows Telnet Service Account Information Disclosure The Microsoft Windows 2000 Telnet service contains a flaw that may allow a malicious user to access accounts which should not be accessible. The issue is triggered when a special set of characters is used as a prefix to the username supplied (in place of a domain name). This flaw causes the service to search the domain, and any trusted domains, for the specified user. It is possible that the flaw may allow an attacker to authenticate from normally inaccessible common domain accounts such as the guest account. This flaw may result in an attacker gaining telnet access via an exposed account as described above. |
| 1861 | Microsoft Windows Telnet Local System Call DoS |
| 1860 | Microsoft Windows Telnet Service Handle Leak DoS |
| 1859 | Microsoft Windows Telnet Multiple Sessions DoS |
| 1858 | Microsoft Windows Telnet Service Logon Backspace DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2003-03-12 | Name : The remote host is vulnerable to privilege escalation. File : smb_nt_ms02-001.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:44:34 |
|
