ID CVE-2000-0771 Type cve Reporter NVD Modified 2018-10-12T17:29:46
Description
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
{"nessus": [{"lastseen": "2019-01-16T20:05:12", "bulletinFamily": "scanner", "description": "The hotfix for the 'Local Security Policy Corruption' problem has not\nbeen applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows\n2000 system's local security policy, which could prevent this host from\ncommunicating with other hosts in this domain.", "modified": "2018-11-15T00:00:00", "published": "2000-08-30T00:00:00", "id": "SMB_NT_MS00-062.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=10499", "title": "MS00-062: Local Security Policy Corruption (269609)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(10499);\n script_version(\"1.49\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2000-0771\");\n script_bugtraq_id(1613);\n script_xref(name:\"MSFT\", value:\"MS00-062\");\n script_xref(name:\"MSKB\", value:\"269609\");\n\n script_name(english:\"MS00-062: Local Security Policy Corruption (269609)\");\n script_summary(english:\"Determines whether the hotfix Q269609 is installed\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"A local user can corrupt the remote system.\");\n script_set_attribute(attribute:\"description\", value:\n\"The hotfix for the 'Local Security Policy Corruption' problem has not\nbeen applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows\n2000 system's local security policy, which could prevent this host from\ncommunicating with other hosts in this domain.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-062\");\n script_set_attribute(attribute:\"solution\", value:\"Microsoft has released a set of patches for Windows 2000.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2000/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS00-062';\nkb = \"269609\";\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_NOTE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp(win2k:1) <= 0) exit(0, \"The host is not affected based on its version / service pack.\");\n\n\nif (hotfix_missing(name:\"Q269609\") > 0)\n{\n if (\n defined_func(\"report_xml_tag\") &&\n !isnull(bulletin) &&\n !isnull(kb)\n ) report_xml_tag(tag:bulletin, value:kb);\n\n hotfix_security_note();\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n\n\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:55", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[CVE-2000-0771](https://vulners.com/cve/CVE-2000-0771)\nBugtraq ID: 1613\n", "modified": "2000-08-28T00:00:00", "published": "2000-08-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:398", "id": "OSVDB:398", "type": "osvdb", "title": "Microsoft Windows 2000 Malformed RPC Traffic Local Security Policy Corruption DoS", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}