CVE-2002-1230 - OpenCVE

NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows 2000 Terminal Services Windows 2000

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2000::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000::sp3::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::::::::
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000_terminal_services::sp3::::::*

References

Link	Resource
http://getad.chat.ru/
http://www.ciac.org/ciac/bulletins/n-027.shtml
http://www.iss.net/security_center/static/10343.php	Vendor Advisory
http://www.packetstormsecurity.nl/filedesc/GetAd.c.html	Vendor Advisory
http://www.securityfocus.com/bid/5927
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A681

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2007-11-13T00:00:00

Reserved: 2002-10-21T00:00:00

Link: CVE-2002-1230

JSON object: View

NVD Information

Status : Modified

Published: 2002-11-04T05:00:00.000

Modified: 2019-04-30T14:27:13.710

Link: CVE-2002-1230

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via \"shatter\" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka \"Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "N-027", "tags": ["third-party-advisory", "government-resource", "x_refsource_CIAC"], "url": "http://www.ciac.org/ciac/bulletins/n-027.shtml"}, {"name": "5927", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5927"}, {"tags": ["x_refsource_MISC"], "url": "http://www.packetstormsecurity.nl/filedesc/GetAd.c.html"}, {"name": "MS02-071", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-071"}, {"tags": ["x_refsource_MISC"], "url": "http://getad.chat.ru/"}, {"name": "oval:org.mitre.oval:def:681", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A681"}, {"name": "win-netdde-gain-privileges(10343)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/10343.php"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1230", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via \"shatter\" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka \"Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "N-027", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/n-027.shtml"}, {"name": "5927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5927"}, {"name": "http://www.packetstormsecurity.nl/filedesc/GetAd.c.html", "refsource": "MISC", "url": "http://www.packetstormsecurity.nl/filedesc/GetAd.c.html"}, {"name": "MS02-071", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-071"}, {"name": "http://getad.chat.ru/", "refsource": "MISC", "url": "http://getad.chat.ru/"}, {"name": "oval:org.mitre.oval:def:681", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A681"}, {"name": "win-netdde-gain-privileges(10343)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10343.php"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1230", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-10-21T00:00:00", "dateUpdated": "2007-11-13T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "B5E149E7-B748-44F6-BB55-68D5BF87AF41", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via \"shatter\" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka \"Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation.\""}, {"lang": "es", "value": "El Agente NetDDE en sistemas Windows permite a usuarios locales ejecutar c\u00f3digo arbitrario mediante un mensaje WM_COPYDATA usando un ataque de estilo \"destrozar\" (shatter)"}], "id": "CVE-2002-1230", "lastModified": "2019-04-30T14:27:13.710", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-11-04T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://getad.chat.ru/"}, {"source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/n-027.shtml"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/10343.php"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.packetstormsecurity.nl/filedesc/GetAd.c.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/5927"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-071"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A681"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}