Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1518

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-1518
Last Modified 05 Sep 2008 04:26:45
Published 31 Dec 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1518

Summary

RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

BID - 3291

XF - win2k-runas-dos(7533)

BUGTRAQ - 20011114 RE:Radix Research Reports RADIX1112200101, RADIX1112200102, and RADIX1112200103


Last Updated: 27 May 2016 10:36:42