• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows 2000 Network Connection Manager Privilege Elevation Vulnerability

Bugtraq ID:	5480
Class:	Design Error
CVE:
Remote:	No
Local:	Yes
Published:	Aug 15 2002 12:00AM
Updated:	Aug 15 2002 12:00AM
Credit:	Announced in Microsoft Security Bulletin MS02-042.
Vulnerable:	Microsoft Windows 2000 Server SP3 Microsoft Windows 2000 Server SP2 Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server + Avaya DefinityOne Media Servers + Avaya IP600 Media Servers + Avaya S3400 Message Application Server + Avaya S8100 Media Servers Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 2000 Datacenter Server SP3 Microsoft Windows 2000 Datacenter Server SP2 Microsoft Windows 2000 Datacenter Server SP1 Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server
Not Vulnerable: