CVE-2002-1749
First published: Tue Dec 31 2002(Updated: )
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | ||
| Microsoft Windows 2000 | =sp2 | |
| Microsoft Windows 2000 | =sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-1749?
CVE-2002-1749 is considered a high severity vulnerability due to the potential for unauthorized access to administrator privileges.
How do I fix CVE-2002-1749?
To fix CVE-2002-1749, it is recommended to apply security updates provided by Microsoft for Windows 2000.
What systems are impacted by CVE-2002-1749?
CVE-2002-1749 affects Windows 2000 systems, including those running Service Pack 1 and Service Pack 2.
What type of vulnerability is CVE-2002-1749?
CVE-2002-1749 is classified as a privilege escalation vulnerability that can be exploited through inadequate session lock mechanisms.
Is there a workaround for CVE-2002-1749?
A potential workaround for CVE-2002-1749 is to manually configure session lock settings to activate immediately upon disconnection.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp2
- version/microsoft windows 2000/sp1