Search...

CVE-2000-0771

2000-10-20T00:00:00

ID CVE-2000-0771
Type cve
Reporter NVD
Modified 2018-10-12T17:29:46

Description

Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.

JSON Vulners Source

Initial Source

{"id": "CVE-2000-0771", "bulletinFamily": "NVD", "title": "CVE-2000-0771", "description": "Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the \"Local Security Policy Corruption\" vulnerability.", "published": "2000-10-20T00:00:00", "modified": "2018-10-12T17:29:46", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0771", "reporter": "NVD", "references": ["https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-062", "http://www.securityfocus.com/bid/1613"], "cvelist": ["CVE-2000-0771"], "type": "cve", "lastseen": "2018-10-13T12:03:33", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:microsoft:windows_2000"], "cvelist": ["CVE-2000-0771"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the \"Local Security Policy Corruption\" vulnerability.", "edition": 1, "enchantments": {"score": {"modified": "2016-09-03T02:44:12", "value": 2.1, "vector": "NONE"}}, "hash": "7c5ab0e9b1c72208b0e7389eaa241eaabc9f463c46149358d9d83dc9732d1066", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "8ae4702699ac2045c473fb5e9a783bd2", "key": "published"}, {"hash": "40083ca009eee3c96aeb4eeff467ebdc", "key": "href"}, {"hash": "5e693a00f72642ab25a9e99b5665fc85", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "a2b8218be5d8b1d880e11561f983d3a4", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "0b4dafb4fea62c12504de8363892119f", "key": "cpe"}, {"hash": "33ad2cebd667d6d60fba37f60035cdae", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "eea79d81a89253684b8a83222c9b35ca", "key": "references"}, {"hash": "2194071404940988ecd78926323dff49", "key": "cvss"}, {"hash": "2a0a0a7b554fbecb5807690de3b34fac", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0771", "id": "CVE-2000-0771", "lastseen": "2016-09-03T02:44:12", "modified": "2008-09-05T16:21:50", "objectVersion": "1.2", "published": "2000-10-20T00:00:00", "references": ["http://www.securityfocus.com/bid/1613", "http://www.microsoft.com/technet/security/bulletin/MS00-062.asp"], "reporter": "NVD", "scanner": [], "title": "CVE-2000-0771", "type": "cve", "viewCount": 1}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T02:44:12"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "0b4dafb4fea62c12504de8363892119f"}, {"key": "cvelist", "hash": "5e693a00f72642ab25a9e99b5665fc85"}, {"key": "cvss", "hash": "2194071404940988ecd78926323dff49"}, {"key": "description", "hash": "a2b8218be5d8b1d880e11561f983d3a4"}, {"key": "href", "hash": "40083ca009eee3c96aeb4eeff467ebdc"}, {"key": "modified", "hash": "2a8cdd21ff3241487f1d4bae69ce018c"}, {"key": "published", "hash": "8ae4702699ac2045c473fb5e9a783bd2"}, {"key": "references", "hash": "843a77163e7d56aec77785c2fb115351"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "2a0a0a7b554fbecb5807690de3b34fac"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "1c6fad9b7014a3a47d320fdbdc9d4fd1d91547cf2cdad4ab82611e597af2103d", "viewCount": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE", "modified": "2018-10-13T12:03:33"}, "dependencies": {"references": [{"type": "nessus", "idList": ["SMB_NT_MS00-062.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:398"]}], "modified": "2018-10-13T12:03:33"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "cpe": ["cpe:/o:microsoft:windows_2000"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"nessus": [{"lastseen": "2019-01-16T20:05:12", "bulletinFamily": "scanner", "description": "The hotfix for the 'Local Security Policy Corruption' problem has not\nbeen applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows\n2000 system's local security policy, which could prevent this host from\ncommunicating with other hosts in this domain.", "modified": "2018-11-15T00:00:00", "published": "2000-08-30T00:00:00", "id": "SMB_NT_MS00-062.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=10499", "title": "MS00-062: Local Security Policy Corruption (269609)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(10499);\n script_version(\"1.49\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2000-0771\");\n script_bugtraq_id(1613);\n script_xref(name:\"MSFT\", value:\"MS00-062\");\n script_xref(name:\"MSKB\", value:\"269609\");\n\n script_name(english:\"MS00-062: Local Security Policy Corruption (269609)\");\n script_summary(english:\"Determines whether the hotfix Q269609 is installed\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"A local user can corrupt the remote system.\");\n script_set_attribute(attribute:\"description\", value:\n\"The hotfix for the 'Local Security Policy Corruption' problem has not\nbeen applied.\n\nThis vulnerability allows a malicious user to corrupt parts of a Windows\n2000 system's local security policy, which could prevent this host from\ncommunicating with other hosts in this domain.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-062\");\n script_set_attribute(attribute:\"solution\", value:\"Microsoft has released a set of patches for Windows 2000.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2000/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2000/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS00-062';\nkb = \"269609\";\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_NOTE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp(win2k:1) <= 0) exit(0, \"The host is not affected based on its version / service pack.\");\n\n\nif (hotfix_missing(name:\"Q269609\") > 0)\n{\n if (\n defined_func(\"report_xml_tag\") &&\n !isnull(bulletin) &&\n !isnull(kb)\n ) report_xml_tag(tag:bulletin, value:kb);\n\n hotfix_security_note();\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n\n\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:55", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[CVE-2000-0771](https://vulners.com/cve/CVE-2000-0771)\nBugtraq ID: 1613\n", "modified": "2000-08-28T00:00:00", "published": "2000-08-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:398", "id": "OSVDB:398", "type": "osvdb", "title": "Microsoft Windows 2000 Malformed RPC Traffic Local Security Policy Corruption DoS", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}