Vulnerability Description
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://www.ntbugtraq.com/default.aspx?pid=36&sid=1&A2=ind0202&L=ntbugtraq&T=0&O=Vendor Advisory
- http://www.securityfocus.com/bid/4095
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8199
- http://www.ntbugtraq.com/default.aspx?pid=36&sid=1&A2=ind0202&L=ntbugtraq&T=0&O=Vendor Advisory
- http://www.securityfocus.com/bid/4095
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8199
FAQ
What is CVE-2002-1749?
CVE-2002-1749 is a vulnerability with a CVSS score of 7.2 (HIGH). Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could...
How severe is CVE-2002-1749?
CVE-2002-1749 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1749?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.