CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1519

RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.9%

CVSS Severity

CVSS v2 Score 3.6

References

http://online.securityfocus.com/archive/1/236111
http://online.securityfocus.com/archive/1/240136
http://www.iss.net/security_center/static/7532.php
http://www.securityfocus.com/bid/3185
http://online.securityfocus.com/archive/1/236111
http://online.securityfocus.com/archive/1/240136
http://www.iss.net/security_center/static/7532.php
http://www.securityfocus.com/bid/3185

Products affected by CVE-2001-1519

Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2000 » Version: beta3

cpe:2.3:o:microsoft:windows_2000:beta3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1519

Products

Pricing

Contact Us