ID CVE-2001-0046
Summary The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
References
Vulnerable Configurations
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • Microsoft Windows NT 4.0
    cpe:2.3:o:microsoft:windows_nt:4.0
CVSS
Base: 4.6 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Windows
NASL id SMB_REG_SNMP_ACCESS.NASL
description The registry key HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters can be modified by users who are not in the admin group. Write access to this key allows an unprivileged user to gain additional privileges.
last seen 2019-02-21
modified 2018-11-15
plugin id 11868
published 2003-10-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11868
title Microsoft Windows SMB Registry : SNMP Registry Key Permission Weakness Local Privilege Escalation
oval via4
accepted 2008-03-24T04:00:13.791-04:00
class vulnerability
contributors
  • name Matt Busby
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
comment Microsoft Windows NT is installed
oval oval:org.mitre.oval:def:36
description The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
family windows
id oval:org.mitre.oval:def:139
status accepted
submitted 2004-06-08T12:00:00.000-04:00
title Default Registry Permissions on SNMP Parameters
version 68
refmap via4
bid 2066
ms MS00-095
xf nt-snmp-reg-perms(5672)
Last major update 10-09-2008 - 15:07
Published 16-02-2001 - 00:00
Last modified 12-10-2018 - 17:30
Back to Top