CVE-2000-1149Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows NT

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
10.2%
top 6.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows NT
Timeline
PublishedJan 9
Latest updateApr 30

Description

Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/windows_ntterminal_server

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-c8q2-5c9q-67pp: Buffer overflow in RegAPI2022-04-30
CVEList
CVE-2000-1149: Buffer overflow in RegAPI2001-01-22
CVE-2000-1149 — Microsoft Windows NT vulnerability | cvebase