Lucene search

K
cve[email protected]CVE-2004-0894
HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-0894

2005-01-1005:00:00
NVD-CWE-Other
web.nvd.nist.gov
31
nvd
cve-2004-0894
windows 2000
windows server 2003
lsass
local security authority subsystem service
privilege escalation

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.7%

LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.7%

Related for CVE-2004-0894