Vulnerabilities > CVE-2001-1518 - Denial of Services vulnerability in Microsoft Windows 2000 RunAs Service
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Exploit-Db
| description | Microsoft Windows 2000 RunAs Service Denial of Services Vulnerability. CVE-2001-1518. Dos exploit for windows platform |
| id | EDB-ID:21099 |
| last seen | 2016-02-02 |
| modified | 2001-12-11 |
| published | 2001-12-11 |
| reporter | Camisade |
| source | https://www.exploit-db.com/download/21099/ |
| title | Microsoft Windows 2000 RunAs Service Denial of Services Vulnerability |