ID CVE-2000-0771 Type cve Reporter NVD Modified 2008-09-05T16:21:50
Description
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0771", "history": [], "references": ["http://www.securityfocus.com/bid/1613", "http://www.microsoft.com/technet/security/bulletin/MS00-062.asp"], "lastseen": "2016-09-03T02:44:12", "bulletinFamily": "NVD", "title": "CVE-2000-0771", "cpe": ["cpe:/o:microsoft:windows_2000"], "viewCount": 1, "id": "CVE-2000-0771", "hash": "4eb48ba58f0bcbd22cf231240a9e27beffe24f421e373009b6d949103c9b0e28", "description": "Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the \"Local Security Policy Corruption\" vulnerability.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2000-0771"], "scanner": [], "modified": "2008-09-05T16:21:50", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2000-10-20T00:00:00", "enchantments": {"score": {"value": 2.1, "vector": "NONE", "modified": "2016-09-03T02:44:12"}, "vulnersScore": 2.1}}
{"nessus": [{"lastseen": "2018-09-01T23:44:06", "references": ["https://technet.microsoft.com/library/security/ms00-062"], "pluginID": "10499", "description": "The hotfix for the 'Local Security Policy Corruption' problem has not been applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows 2000 system's local security policy, which could prevent this host from communicating with other hosts in this domain.", "edition": 8, "reporter": "Tenable", "published": "2000-08-30T00:00:00", "title": "MS00-062: Local Security Policy Corruption (269609)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Windows : Microsoft Bulletins", "bulletinFamily": "scanner", "cvelist": ["CVE-2000-0771"], "modified": "2018-07-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS00-062.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=10499", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(10499);\n script_version(\"1.48\");\n script_cvs_date(\"Date: 2018/07/30 11:55:12\");\n\n script_cve_id(\"CVE-2000-0771\");\n script_bugtraq_id(1613);\n script_xref(name:\"MSFT\", value:\"MS00-062\");\n script_xref(name:\"MSKB\", value:\"269609\");\n\n script_name(english:\"MS00-062: Local Security Policy Corruption (269609)\");\n script_summary(english:\"Determines whether the hotfix Q269609 is installed\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"A local user can corrupt the remote system.\");\n script_set_attribute(attribute:\"description\", value:\n\"The hotfix for the 'Local Security Policy Corruption' problem has not\nbeen applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows\n2000 system's local security policy, which could prevent this host from\ncommunicating with other hosts in this domain.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://technet.microsoft.com/library/security/ms00-062\");\n script_set_attribute(attribute:\"solution\", value:\"Microsoft has released a set of patches for Windows 2000.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2000/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS00-062';\nkb = \"269609\";\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_NOTE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp(win2k:1) <= 0) exit(0, \"The host is not affected based on its version / service pack.\");\n\n\nif (hotfix_missing(name:\"Q269609\") > 0)\n{\n if (\n defined_func(\"report_xml_tag\") &&\n !isnull(bulletin) &&\n !isnull(kb)\n ) report_xml_tag(tag:bulletin, value:kb);\n\n hotfix_security_note();\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n\n\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:55", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[CVE-2000-0771](https://vulners.com/cve/CVE-2000-0771)\nBugtraq ID: 1613\n", "reporter": "OSVDB", "published": "2000-08-28T00:00:00", "type": "osvdb", "title": "Microsoft Windows 2000 Malformed RPC Traffic Local Security Policy Corruption DoS", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2000-0771"], "modified": "2000-08-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:398", "id": "OSVDB:398", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
