Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1518


Vulnerability Score 2.1 2.1
CVE Id CVE-2001-1518
Last Modified 05 Sep 2008 04:26:45
Published 31 Dec 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


BID - 3291

XF - win2k-runas-dos(7533)

BUGTRAQ - 20011114 RE:Radix Research Reports RADIX1112200101, RADIX1112200102, and RADIX1112200103

Last Updated: 27 May 2016 10:36:42