CVE-2002-0367 - OpenCVE

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000 Windows Nt

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000:-:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:-:::terminal_server:::*

No data.

References

Link	Providers
http://marc.info/?l=ntbugtraq&m=101614320402695&w=2
http://www.iss.net/security_center/static/8462.php
http://www.securityfocus.com/archive/1/262074
http://www.securityfocus.com/archive/1/264441
http://www.securityfocus.com/archive/1/264927
http://www.securityfocus.com/bid/4287
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-02T05:00:00

Updated: 2024-08-08T02:49:28.090Z

Reserved: 2002-05-08T00:00:00

Link: CVE-2002-0367

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2002-06-25T04:00:00.000

Modified: 2024-07-16T17:42:19.227

Link: CVE-2002-0367

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-03-14T00:00:00", "descriptions": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-06-11T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0367", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20020326 Re: DebPloit (exploit)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:49:28.090Z"}, "title": "CVE Program Container", "references": [{"name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0367", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-05-08T00:00:00", "dateUpdated": "2024-08-08T02:49:28.090Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:terminal_server:*:*:*", "matchCriteriaId": "E30F6C9C-3371-44FF-AD0B-3CAA0AB6F1B8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}], "id": "CVE-2002-0367", "lastModified": "2024-07-16T17:42:19.227", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2002-06-25T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/4287"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}