Vulnerability Description
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Nt | <= 4.0 |
References
- http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html
- http://www.securityfocus.com/bid/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6076
- http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html
- http://www.securityfocus.com/bid/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6076
FAQ
What is CVE-2001-0016?
CVE-2001-0016 is a vulnerability with a CVSS score of 7.2 (HIGH). NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
How severe is CVE-2001-0016?
CVE-2001-0016 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0016?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Nt.