OpenCVE

Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000

Configuration 1 [-]

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ciac.llnl.gov/ciac/bulletins/l-079.shtml
http://marc.info/?l=bugtraq&m=98942093221908&w=2
http://www.securityfocus.com/bid/2707
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024
https://exchange.xforce.ibmcloud.com/vulnerabilities/6506

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-09-18T04:00:00

Updated: 2024-08-08T04:14:06.478Z

Reserved: 2001-03-19T00:00:00

Link: CVE-2001-0237

Vulnrichment

No data.

NVD

Status : Modified

Published: 2001-06-27T04:00:00.000

Modified: 2024-11-20T23:34:54.827

Link: CVE-2001-0237

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-05-08T00:00:00", "descriptions": [{"lang": "en", "value": "Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "MS01-024", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"}, {"name": "win2k-kerberos-dos(6506)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"}, {"name": "20010509 def-2001-24: Windows 2000 Kerberos DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"}, {"name": "L-079", "tags": ["third-party-advisory", "government-resource", "x_refsource_CIAC"], "url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"}, {"name": "2707", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/2707"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0237", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "MS01-024", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"}, {"name": "win2k-kerberos-dos(6506)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"}, {"name": "20010509 def-2001-24: Windows 2000 Kerberos DoS", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"}, {"name": "L-079", "refsource": "CIAC", "url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"}, {"name": "2707", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2707"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:14:06.478Z"}, "title": "CVE Program Container", "references": [{"name": "MS01-024", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"}, {"name": "win2k-kerberos-dos(6506)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"}, {"name": "20010509 def-2001-24: Windows 2000 Kerberos DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"}, {"name": "L-079", "tags": ["third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred"], "url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"}, {"name": "2707", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/2707"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0237", "datePublished": "2001-09-18T04:00:00", "dateReserved": "2001-03-19T00:00:00", "dateUpdated": "2024-08-08T04:14:06.478Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data."}, {"lang": "es", "value": "La p\u00e9rdida de memoria en el controlador de dominio Microsoft 2000 permite a los atacantes remotos provocar una denegaci\u00f3n de servicio al conectarse repetidamente al servicio Kerberos y luego desconectarse sin enviar ning\u00fan dato."}], "id": "CVE-2001-0237", "lastModified": "2024-11-20T23:34:54.827", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-06-27T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2707"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2707"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}