CVE-2001-0350

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability.

Published: Jul 21, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0350
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_2000	-	-

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031
https://exchange.xforce.ibmcloud.com/vulnerabilities/6664

Vulnerability Database

289,697

CVE-2001-0350