Showing 1 - 1 of 1

CVE-2005-2150

Status Candidate

Overview

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

Related Files

nullsessions.txt: Posted Jul 7, 2005; Authored by Jean-Baptiste Marchand | Site hsc.fr; By taking advantage of hardcoded named pipes allowed for NULL sessions and using the property of MSRPC that, by default, all available RPC interfaces in a process can be reached using any opened endpoint, it is possible to anonymously enumerate Windows services and read the Application and System eventlogs of a remote Windows NT 4.0 or Windows 2000 system.; tags | advisory, remote; systems | windows; advisories | CVE-2005-2150; SHA-256 | 2bb873f5988aeb3ade45cf990ed9c3c66d76a67a398e497b3f4c007ab913879a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

CVE-2005-2150

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems