{"vuid":"VU#31607","idnumber":"31607","name":"Microsoft Windows 2000 Service Control Manager creates predictably named pipes","keywords":["service control manager","named pipes"],"overview":"A vulnerability exists in the Microsoft Windows 2000 Service Control Manager which could allow local users to gain control of the system.","clean_desc":"A vulnerability exists in the Service Control Manager (SCM) function. This function creates named pipes for system services. More information on this problem is available from Microsoft at: http://www.microsoft.com/technet/security/bulletin/ms00-053.asp","impact":"An attacker can execute code with the privileges of any other user on the machine, including the administrator or the system itself.","resolution":"Apply the patch described in http://www.microsoft.com/Downloads/Release.asp?ReleaseID=23432","workarounds":"","sysaffected":"","thanks":"Our thanks to Microsoft for the information contained in their bulletin","author":"This document was written by Ian A. Finlay.","public":["http://www.microsoft.com/technet/security/bulletin/ms00-053.asp","http://www.microsoft.com/technet/security/bulletin/fq00-053.asp","http://www.securityfocus.com/bid/1535","http://www.guardent.com/A0108022000.html"],"cveids":["CVE-2000-0737"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2000-08-15T11:05:28Z","publicdate":"2000-08-02T00:00:00Z","datefirstpublished":"2001-05-09T14:13:53Z","dateupdated":"2001-05-10T13:44:59Z","revision":14,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"19","cam_impact":"15","cam_easeofexploitation":"9","cam_attackeraccessrequired":"10","cam_scorecurrent":"8.656875","cam_scorecurrentwidelyknown":"11.0615625","cam_scorecurrentwidelyknownexploited":"20.6803125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":8.656875,"vulnote":null}