CVE-2005-2150

3 documents3 sources

Severity

5.0MEDIUM

EPSS

26.8%

top 3.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedJul 11

Latest updateMay 1

Description

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

🔴Vulnerability Details

GHSA

GHSA-4w99-5j2p-3cwf: Windows NT 4↗2022-05-01

▶

CVEList

CVE-2005-2150: Windows NT 4↗2005-07-11

▶