CVE-2001-1518

RunAs runas.exe in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service RunAs hang by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the...

EUVD-2001-1495

Malware in sbrugna...

The vulnerability of the runas function in the microprogramming software of the digital analysis system MEAC300 allows a hacker to elevate their privileges to the level of an administrator.

The vulnerability of the runas function in the MEAC300 digital analysis system is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to elevate their privileges to the level of an administrator...

CVE-2001-1517

RunAs runas.exe in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying tha...