PT-2002-1430 · Microsoft · Windows 2000+1

Published

2002-06-25

Updated

2025-10-22

CVE-2002-0367

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows NT and Windows 2000

Description The smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs. This allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

Recommendations For Windows NT and Windows 2000, consider restricting access to the smss.exe debugging subsystem to minimize the risk of exploitation. As a temporary workaround, consider disabling the debugging subsystem until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2002-0367

Affected Products

Windows 2000

Windows Nt

PT-2002-1430 · Microsoft · Windows 2000+1

CVE-2002-0367

Weakness Enumeration

Related Identifiers

Affected Products

References · 18