Vulnerabilities > CVE-2002-0720 - Unspecified vulnerability in Microsoft Windows 2000 and Windows 2000 Terminal Services
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 8 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS02-042.NASL |
description | The remote host contains a flaw in the Network Connection Manager that may allow a local user to elevate his privileges. To exploit this vulnerability, a user needs to send a specially- crafted code to the Network Manager handle to execute arbitrary code with the privileges of the SYSTEM. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11091 |
published | 2002-08-17 |
reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11091 |
title | MS02-042: Flaw in Network Connection Manager Could Enable Privilege Elevation (326886) |
code |
|
Oval
accepted | 2011-05-16T04:02:33.861-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
description | A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | ||||||||||||||||||||
family | windows | ||||||||||||||||||||
id | oval:org.mitre.oval:def:26 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2003-10-10T12:00:00.000-04:00 | ||||||||||||||||||||
title | Windows 2000 Network Connection Manager Privilege Escalation | ||||||||||||||||||||
version | 69 |