ID CVE-2001-0047
Summary The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.
References
Vulnerable Configurations
  • Microsoft Windows NT 4.0
    cpe:2.3:o:microsoft:windows_nt:4.0
  • cpe:2.3:o:microsoft:windows_nt:terminal_server
    cpe:2.3:o:microsoft:windows_nt:terminal_server
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Windows
NASL id SMB_REG_MTS_ACCESS.NASL
description The registry key HKLM\SOFTWARE\Microsoft\Transaction Server\Packages can be modified by users not in the admin group. Write access to this key allows an unprivileged user to gain additional privileges.
last seen 2019-02-21
modified 2018-11-15
plugin id 11867
published 2003-10-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11867
title Microsoft Windows SMB Registry : NT MTS Package Administration Registry Key Permission Weakness
oval via4
accepted 2008-03-24T04:00:14.203-04:00
class vulnerability
contributors
  • name Matt Busby
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
comment Microsoft Windows NT is installed
oval oval:org.mitre.oval:def:36
description The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.
family windows
id oval:org.mitre.oval:def:140
status accepted
submitted 2004-06-08T12:00:00.000-04:00
title Default Registry Permissions on the MTS Package Admin Key
version 68
refmap via4
bid 2065
ms MS00-095
xf nt-mts-reg-perms(5673)
Last major update 10-09-2008 - 15:07
Published 16-02-2001 - 00:00
Last modified 12-10-2018 - 17:30
Back to Top