Features
-
License:
Free
-
Editor's Rating:
Not rated
- Average User Rating:
-
Downloads:
48,963
- Operating Systems:
Windows 2000
- Additional Requirements:
No additional requirements
- Limitations:
No limitations
- Date Added:
August 11, 2000
Publisher's description of Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch
From Microsoft:The Service Control Manager (services.exe) is an administrative tool provided in Windows 2000 that allows system services (Server, Workstation, Alerter, ClipBook, etc.) to be created or modified. The SCM creates a named pipe for each service as it starts, however, should a malicious program predict and create the named pipe for a specific service before the service starts, the program could impersonate the privileges of the service. This could allow the malicious program to run in the context of the given service, with either specific user or LocalSystem privileges.
The primary risk from this vulnerability is that a malicious user could exploit this vulnerability to gain additional privileges on the local machine. A malicious user would require the ability to log onto the target machine interactively and run arbitrary programs in order to exploit this vulnerability, and as a result, workstations and terminal servers would be at greatest risk.
Affected Software Versions
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
Microsoft has released a patch that eliminates this security vulnerability.
- See more CNET content tagged:
- Microsoft Windows 2000,
- malicious program,
- malicious user,
- privilege,
- vulnerability
More popular Encryption Software downloads
- 58,873 downloads 1. RoboForm
- 10,761 downloads 2. SuperEncryptor
- 5,756 downloads 3. Folder Lock
- 2,546 downloads 4. Eraser
- 2,154 downloads 5. RAR Password Cracker
- See all Encryption Software downloads
User reviews
- Average user rating: 0 stars Not yet available
- My rating: 0 stars Write review
-
Showing 2 of 2 user reviewsSee all 2 user reviews
This software version | All versions -
Version: Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch
-
Version: Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability Patch
"You would have to be nuts not to use this!"
- See all 2 user reviews Write review
Submit your review
You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.
CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.
