CVE-2001-1518

Name of the Vulnerable Software and Affected Versions Windows 2000

Description The issue allows local users to cause a denial of service by creating a named pipe session with the authentication server without any request for service. This can lead to a hang in RunAs (runas.exe). The vendor has disputed this vulnerability but acknowledges a scenario where other users could be affected if running on a Terminal Server.

Recommendations For Windows 2000, consider restricting access to the RunAs feature to minimize the risk of exploitation. As a temporary workaround, consider disabling the RunAs (runas.exe) utility until a resolution is determined.