Lucene search

[email protected]CVE-2002-1932

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1932

2022-10-0316:23:48

[email protected]

web.nvd.nist.gov

microsoft

windows

windows 2000

security

nvd

administrative alerts

log management

detection avoidance

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the “Do not overwrite events (clear log manually)” option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_xphome

microsoftwindows_xpgoldprofessional

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*

References

online.securityfocus.com/archive/1/295341

support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B329350

www.iss.net/security_center/static/10377.php

www.securityfocus.com/bid/5972

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2002-1932

nvd1 cvelist1