Description
RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Camisade · c · local · windows
https://www.exploit-db.com/exploits/21069
References (4)
Scores
EPSS
0.0280
EPSS Percentile
86.1%
Details
Status
published
Products (1)
microsoft/windows_2000
Published
Dec 31, 2001
Tracked Since
Feb 18, 2026