Vulnerabilities > CVE-2003-0496 - Unspecified vulnerability in Microsoft Windows 2000 and Windows 2000 Terminal Services

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
microsoft
exploit available
NVD
Published: 2003-08-18
Updated: 2019-04-30

Summary

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

Vulnerable Configurations

Part Description Count
OS
Microsoft
8

Exploit-Db

  • descriptionMicrosoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (1)a. CVE-2003-0496 . Local exploit for windows platform
    idEDB-ID:22882
    last seen2016-02-02
    modified2003-07-08
    published2003-07-08
    reporterMaceo
    sourcehttps://www.exploit-db.com/download/22882/
    titleMicrosoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation Vulnerability 1
  • descriptionMicrosoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (2). CVE-2003-0496. Local exploit for windows platform
    idEDB-ID:22883
    last seen2016-02-02
    modified2003-07-08
    published2003-07-08
    reporterMaceo
    sourcehttps://www.exploit-db.com/download/22883/
    titleMicrosoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation Vulnerability 2

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:76676
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-76676
    titleMicrosoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (2)
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:76675
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-76675
    titleMicrosoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (1)

References