Vulnerabilities > CVE-2001-0045 - Unspecified vulnerability in Microsoft Windows NT 4.0/Terminalserver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Nessus
NASL family | Windows |
NASL id | SMB_REG_RAS_ACCESS.NASL |
description | This script checks whether the following key can be modified by non-admins : HKLM\Software\Microsoft\Windows\RAS Write access to this key allows an unprivileged user to gain additional privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10567 |
published | 2000-12-08 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10567 |
title | Microsoft Windows SMB Registry : NT RAS Administration Registry Key Permission Weakness Local Privilege Escalation |
code |
|
Oval
accepted | 2008-03-24T04:00:38.358-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | ||||||||
family | windows | ||||||||
id | oval:org.mitre.oval:def:500 | ||||||||
status | accepted | ||||||||
submitted | 2003-06-08T12:00:00.000-04:00 | ||||||||
title | Default Permissions on RAS Administration Key | ||||||||
version | 71 |