PT-2005-3082 · Microsoft · Windows 2000+1

Jean-Baptiste Marchand

Publicado

2005-07-11

Atualizado

2017-07-11

CVE-2005-2150

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Windows NT 4.0 Windows 2000 before URP1 for Windows 2000 SP4

Description: The issue allows remote attackers to list Windows services via svcctl or read event logs via eventlog due to improper prevention of NULL sessions from accessing certain alternate named pipes.

Recommendations: For Windows NT 4.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Windows 2000 before URP1 for Windows 2000 SP4, apply the URP1 update for Windows 2000 SP4 to resolve the issue.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2150

Produtos afetados

Windows 2000

Windows Nt 4.0

PT-2005-3082 · Microsoft · Windows 2000+1

CVE-2005-2150

Identificadores relacionados

Produtos afetados

Referências · 9