ID CVE-2002-0720
Summary A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:-:advanced_server
    cpe:2.3:o:microsoft:windows_2000:-:advanced_server
  • cpe:2.3:o:microsoft:windows_2000:-:datacenter_server
    cpe:2.3:o:microsoft:windows_2000:-:datacenter_server
  • cpe:2.3:o:microsoft:windows_2000:-:professional
    cpe:2.3:o:microsoft:windows_2000:-:professional
  • cpe:2.3:o:microsoft:windows_2000:-:server
    cpe:2.3:o:microsoft:windows_2000:-:server
  • Microsoft Windows 2000 Advanced Server SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:advanced_server
  • Microsoft Windows 2000 Datacenter Server SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:datacenter_server
  • Microsoft Windows 2000 Professional SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:professional
  • Microsoft Windows 2000 Server SP1
    cpe:2.3:o:microsoft:windows_2000:-:sp1:server
  • Microsoft Windows 2000 Advanced Server SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:advanced_server
  • Microsoft Windows 2000 Datacenter Server SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:datacenter_server
  • Microsoft Windows 2000 Professional SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:professional
  • Microsoft Windows 2000 Server SP2
    cpe:2.3:o:microsoft:windows_2000:-:sp2:server
  • Microsoft Windows 2000 Advanced Server SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:advanced_server
  • Microsoft Windows 2000 Datacenter Server SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:datacenter_server
  • Microsoft Windows 2000 Professional SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:professional
  • Microsoft Windows 2000 Server SP3
    cpe:2.3:o:microsoft:windows_2000:-:sp3:server
  • Microsoft Windows 2000 Terminal Services
    cpe:2.3:o:microsoft:windows_2000_terminal_services
  • Microsoft Windows 2000 Terminal Services Service Pack 1
    cpe:2.3:o:microsoft:windows_2000_terminal_services:-:sp1
  • Microsoft Windows 2000 Terminal Services Service Pack 2
    cpe:2.3:o:microsoft:windows_2000_terminal_services:-:sp2
  • Microsoft Windows 2000 Terminal Services Service Pack 3
    cpe:2.3:o:microsoft:windows_2000_terminal_services:-:sp3
CVSS
Base: 7.2 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS02-042.NASL
description The remote host contains a flaw in the Network Connection Manager that may allow a local user to elevate his privileges. To exploit this vulnerability, a user needs to send a specially- crafted code to the Network Manager handle to execute arbitrary code with the privileges of the SYSTEM.
last seen 2019-02-21
modified 2018-11-15
plugin id 11091
published 2002-08-17
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11091
title MS02-042: Flaw in Network Connection Manager Could Enable Privilege Elevation (326886)
oval via4
accepted 2011-05-16T04:02:33.861-04:00
class vulnerability
contributors
  • name Christine Walzer
    organization The MITRE Corporation
  • name Christine Walzer
    organization The MITRE Corporation
  • name Shane Shaffer
    organization G2, Inc.
  • name Sudhir Gandhe
    organization Telos
  • name Shane Shaffer
    organization G2, Inc.
description A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
family windows
id oval:org.mitre.oval:def:26
status accepted
submitted 2003-10-10T12:00:00.000-04:00
title Windows 2000 Network Connection Manager Privilege Escalation
version 68
refmap via4
bid 5480
ms MS02-042
xf win2k-ncm-gain-privileges(9856)
Last major update 10-09-2008 - 15:12
Published 05-09-2002 - 00:00
Last modified 12-10-2018 - 17:31
Back to Top