CVE-2001-1519

2001-12-31T05:00:00
ID CVE-2001-1519
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:26:00

Description

DISPUTED RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.