CVE-2001-0016 — Microsoft Windows NT vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

1.0%

top 22.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedMar 12

Latest updateApr 30

Description

NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

🔴Vulnerability Details

GHSA

GHSA-8hx3-74gm-vfhh: NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain↗2022-04-30

▶

CVEList

CVE-2001-0016: NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain↗2001-05-07

▶