Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2002-2018 Tenable Network Security, Inc.SMB_NT_MS02-016.NASL
HistoryApr 23, 2002 - 12:00 a.m.

MS02-016: Opening Group Policy Files (318089)

2002-04-2300:00:00
This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
www.tenable.com
13

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.0%

JSON

The remote version of Windows contains a flaw in the Group Policy Object (GPO) access right of Active Directory that could allow a user to prevent the GPO to be applied to other users.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(10945);
 script_version("1.38");
 script_cvs_date("Date: 2018/11/15 20:50:29");

 script_cve_id("CVE-2002-0051");
 script_bugtraq_id(4438);
 script_xref(name:"MSFT", value:"MS02-016");
 script_xref(name:"MSKB", value:"318593");

 script_name(english:"MS02-016: Opening Group Policy Files (318089)");
 script_summary(english:"Determines whether the Group Policy patch (Q318593) is installed");

 script_set_attribute(attribute:"synopsis", value:"A user can block access to GPO deployment.");
 script_set_attribute(attribute:"description", value:
"The remote version of Windows contains a flaw in the Group Policy
Object (GPO) access right of Active Directory that could allow a user to
prevent the GPO to be applied to other users.");
 script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-016");
 script_set_attribute(attribute:"solution", value:"Microsoft has released a set of patches for Windows 2000.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L");
 script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2001/12/05");
 script_set_attribute(attribute:"patch_publication_date", value:"2002/04/04");
 script_set_attribute(attribute:"plugin_publication_date", value:"2002/04/23");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows : Microsoft Bulletins");

 script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
 script_require_keys("SMB/MS_Bulletin_Checks/Possible");
 script_require_ports(139, 445, "Host/patch_management_checks");

 exit(0);
}

#

include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS02-016';
kb = '318593';

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);

if ( hotfix_check_domain_controler() <= 0 ) exit(0);
if ( hotfix_check_sp(win2k:3) <= 0 ) exit(0);


if ( hotfix_missing(name:"Q318593") > 0 )
	 {
 set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
 hotfix_add_report(bulletin:bulletin, kb:kb);
 hotfix_security_warning();
 }
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows

Related

cve 1
openvas 2
cert 1
cvelist 1
nvd 1
cve
cve
CVE-2002-0051
2002-06-25 04:00:00
openvas
openvas
Opening Group Policy Files (Q318089)
2005-11-03 00:00:00
Opening Group Policy Files (Q318089)
2005-11-03 00:00:00
cert
cert
Microsoft Windows 2000 fails to apply Group Policy to clients when policy file has been opened using exclusive read access (MS02-016)
2002-09-27 00:00:00
cvelist
cvelist
CVE-2002-0051
2002-06-25 04:00:00
nvd
nvd
CVE-2002-0051
2002-04-04 05:00:00

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

80.0%

JSON
Related for SMB_NT_MS02-016.NASL
cve1openvas2cert1cvelist1nvd1