Predictable Named Pipes Vulnerability in Microsoft Windows 2000 Telnet Service

Predictable Named Pipes Vulnerability in Microsoft Windows 2000 Telnet Service

CVE-2001-0349 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.

Learn more about our User Device Pen Test.