Lucene search

[email protected]CVE-2001-0045

HistoryFeb 16, 2001 - 5:00 a.m.

CVE-2001-0045

2001-02-1605:00:00

[email protected]

web.nvd.nist.gov

windows nt 4.0

ras administration

local users

execute arbitrary commands

malicious dll

registry permissions vulnerabilities

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

JSON

The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the “Registry Permissions” vulnerabilities.

Affected configurations

NVD

Node

microsoftwindows_ntMatch4.0

microsoftwindows_ntMatchterminal_server

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_ntmicrosoft windows nteqterminal_server

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_nt	microsoft windows nt	eq	terminal_server

References

www.securityfocus.com/bid/2064

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-095

exchange.xforce.ibmcloud.com/vulnerabilities/5671

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A500

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2001-0045

nessus1 cvelist1 nvd1