Lucene search

[email protected]CVE-2005-3176

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-3176

2022-10-0316:22:38

[email protected]

web.nvd.nist.gov

microsoft

windows

2000

terminal services

ip address

security log

evasion

detection

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.3%

JSON

Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.

Affected configurations

NVD

Node

microsoftwindows_2000sp4fr

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

support.microsoft.com/kb/891076

support.microsoft.com/kb/900345

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2005-3176

cvelist1 nvd1