Vulnerabilities > CVE-2001-1519 - Unspecified vulnerability in Microsoft Windows 2000
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Exploit-Db
| description | Microsoft Windows 2000 RunAs Service Named Pipe Hijacking Vulnerability. CVE-2001-1519. Local exploit for windows platform |
| id | EDB-ID:21069 |
| last seen | 2016-02-02 |
| modified | 2001-12-11 |
| published | 2001-12-11 |
| reporter | Camisade |
| source | https://www.exploit-db.com/download/21069/ |
| title | Microsoft Windows 2000 RunAs Service Named Pipe Hijacking Vulnerability |
References
- http://online.securityfocus.com/archive/1/236111
- http://online.securityfocus.com/archive/1/236111
- http://online.securityfocus.com/archive/1/240136
- http://online.securityfocus.com/archive/1/240136
- http://www.iss.net/security_center/static/7532.php
- http://www.iss.net/security_center/static/7532.php
- http://www.securityfocus.com/bid/3185
- http://www.securityfocus.com/bid/3185