Lucene search

[email protected]CVE-2000-0070

HistoryApr 25, 2000 - 4:00 a.m.

CVE-2000-0070

2000-04-2504:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0070

windows nt 4.0

privilege escalation

ntimpersonateclientofport

lpc spoofing

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

18.4%

JSON

NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka “Spoofed LPC Port Request.”

Affected configurations

NVD

Node

microsoftwindows_ntMatch4.0

microsoftwindows_ntMatch4.0sp1

microsoftwindows_ntMatch4.0sp2

microsoftwindows_ntMatch4.0sp3

microsoftwindows_ntMatch4.0sp4

microsoftwindows_ntMatch4.0sp5

microsoftwindows_ntMatch4.0sp6

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0

References

support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ247869

www.bindview.com/security/advisory/adv_NtImpersonate.html

www.securityfocus.com/bid/934

xforce.iss.net/search.php3?type=2&pattern=nt-spoofed-lpc-port

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-003

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

18.4%

JSON

Related for CVE-2000-0070

cvelist1 nvd1