ID CVE-2000-0070
Type cve
Reporter cve@mitre.org
Modified 2018-10-12T21:29:00
Description
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
{"id": "CVE-2000-0070", "bulletinFamily": "NVD", "title": "CVE-2000-0070", "description": "NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka \"Spoofed LPC Port Request.\"", "published": "2000-01-12T05:00:00", "modified": "2018-10-12T21:29:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0070", "reporter": "cve@mitre.org", "references": ["http://xforce.iss.net/search.php3?type=2&pattern=nt-spoofed-lpc-port", "http://www.bindview.com/security/advisory/adv_NtImpersonate.html", "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q247869", "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-003", "http://www.securityfocus.com/bid/934"], "cvelist": ["CVE-2000-0070"], "type": "cve", "lastseen": "2021-02-02T05:19:02", "edition": 4, "viewCount": 28, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:1199"]}], "modified": "2021-02-02T05:19:02", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2021-02-02T05:19:02", "rev": 2}, "vulnersScore": 6.7}, "cpe": ["cpe:/o:microsoft:windows_nt:4.0"], "affectedSoftware": [{"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}, {"cpeName": "microsoft:windows_nt", "name": "microsoft windows nt", "operator": "eq", "version": "4.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "MS00-003", "refsource": "MS", "tags": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-003"}, {"name": "Q247869", "refsource": "MSKB", "tags": [], "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q247869"}, {"name": "nt-spoofed-lpc-port", "refsource": "XF", "tags": [], "url": "http://xforce.iss.net/search.php3?type=2&pattern=nt-spoofed-lpc-port"}, {"name": "20000113 Local Promotion Vulnerability in Windows NT 4", "refsource": "BINDVIEW", "tags": ["Patch", "Vendor Advisory", "Exploit"], "url": "http://www.bindview.com/security/advisory/adv_NtImpersonate.html"}, {"name": "934", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/934"}]}
{"osvdb": [{"lastseen": "2017-04-28T13:19:55", "bulletinFamily": "software", "cvelist": ["CVE-2000-0070"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMicrosoft Knowledge Base Article: 247869\nKeyword: aka \"Spoofed LPC Port Request\"\nISS X-Force ID: 3821\n[CVE-2000-0070](https://vulners.com/cve/CVE-2000-0070)\nBugtraq ID: 934\n", "modified": "2000-01-13T00:00:00", "published": "2000-01-13T00:00:00", "id": "OSVDB:1199", "href": "https://vulners.com/osvdb/OSVDB:1199", "title": "NT NtImpersonateClientOfPort LPC Privilege Escalation", "type": "osvdb", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
