Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 31/12/2001 Updated: 17/05/2024

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

VMScore: 365

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 2000

source: wwwsecurityfocuscom/bid/3185/info The Windows 2000 RunAs service allows an application or service to be executed as a different user It is accessed by holding down the shift key and right mouse clicking on an icon, then selecting 'Run as' from the context menu When the RunAs service is invoked, it creates a named pipe for cl ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/236111 http://online.securityfocus.com/archive/1/240136 http://www.securityfocus.com/bid/3185 http://www.iss.net/security_center/static/7532.php https://nvd.nist.gov https://www.exploit-db.com/exploits/21069/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-1519

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect