CVE-2002-0367

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", "name": "20020314 DebPloit (exploit)", "tags": ["Mailing List"], "refsource": ""}, {"url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", "name": "20020314 DebPloit (exploit)", "tags": ["Mailing List"], "refsource": ""}, {"url": "http://www.iss.net/security_center/static/8462.php", "name": "win-debug-duplicate-handles(8462)", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "refsource": ""}, {"url": "http://www.iss.net/security_center/static/8462.php", "name": "win-debug-duplicate-handles(8462)", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/262074", "name": "20020314 Fwd: DebPloit (exploit)", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/262074", "name": "20020314 Fwd: DebPloit (exploit)", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/264441", "name": "20020326 Re: DebPloit (exploit)", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/264441", "name": "20020326 Re: DebPloit (exploit)", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/264927", "name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "http://www.securityfocus.com/archive/1/264927", "name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "http://www.securityfocus.com/bid/4287", "name": "4287", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "http://www.securityfocus.com/bid/4287", "name": "4287", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", "name": "MS02-024", "tags": ["Patch", "Vendor Advisory"], "refsource": ""}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", "name": "MS02-024", "tags": ["Patch", "Vendor Advisory"], "refsource": ""}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", "name": "oval:org.mitre.oval:def:158", "tags": ["Broken Link"], "refsource": ""}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", "name": "oval:org.mitre.oval:def:158", "tags": ["Broken Link"], "refsource": ""}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", "name": "oval:org.mitre.oval:def:76", "tags": ["Broken Link"], "refsource": ""}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", "name": "oval:org.mitre.oval:def:76", "tags": ["Broken Link"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-0367", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}}, "publishedDate": "2002-06-25T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:terminal_server:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-14T19:07Z"}