TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2002-0367

HIGHCISA KEV
7.8

Beschreibung

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

CVE Details

CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht6/25/2002
Zuletzt geandert4/16/2026
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerMicrosoft
ProduktWindows
SchwachstellennameMicrosoft Windows Privilege Escalation Vulnerability
KEV Aufnahmedatum2022-03-03
Behebungsfrist2022-03-24
Ransomware-NutzungUnknown

Betroffene Produkte

microsoft:windows_2000microsoft:windows_nt

Schwachen (CWE)

CWE-269CWE-269

Referenzen

http://marc.info/?l=ntbugtraq&m=101614320402695&w=2(cve@mitre.org)
http://www.iss.net/security_center/static/8462.php(cve@mitre.org)
http://www.securityfocus.com/archive/1/262074(cve@mitre.org)
http://www.securityfocus.com/archive/1/264441(cve@mitre.org)
http://www.securityfocus.com/archive/1/264927(cve@mitre.org)
http://www.securityfocus.com/bid/4287(cve@mitre.org)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76(cve@mitre.org)
http://marc.info/?l=ntbugtraq&m=101614320402695&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.iss.net/security_center/static/8462.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/262074(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/264441(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/264927(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/4287(af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2002-0367(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.