Back to search
CVE-2002-0018
Published: Jun 25, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3997
vdb-entry
x_refsource_BID
win-sid-gain-privileges(8023)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:159
vdb-entry
signature
x_refsource_OVAL
MS02-001
vendor-advisory
x_refsource_MS
oval:org.mitre.oval:def:64
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now