CVE-2001-0860
First published: Thu Dec 06 2001(Updated: )
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | ||
| Microsoft Windows XP | =gold |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0860?
CVE-2001-0860 is considered a critical vulnerability due to its potential for IP address spoofing.
How do I fix CVE-2001-0860?
To mitigate CVE-2001-0860, upgrade to a newer version of Windows that does not have this vulnerability.
What software is affected by CVE-2001-0860?
CVE-2001-0860 affects Microsoft Windows 2000 and Windows XP (Gold version).
Can CVE-2001-0860 allow unauthorized access?
Yes, CVE-2001-0860 can potentially allow attackers to gain unauthorized access by spoofing their IP address.
Is there any workaround for CVE-2001-0860?
There are no specific workarounds for CVE-2001-0860 other than upgrading to a secure version of the operating system.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows 2000
- canonical/microsoft windows xp
- version/microsoft windows xp/gold