CVE-2001-0006

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

History

26 Jan 2024, 17:08

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-732
References (MS) https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-003 - (MS) https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-003 - Patch, Release Notes, Vendor Advisory
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=98075221915234&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=98075221915234&w=2 - Mailing List
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/6006 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/6006 - Third Party Advisory, VDB Entry
CVSS v2 : 2.1
v3 : unknown
v2 : 2.1
v3 : 7.1

Information

Published : 2001-02-12 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2001-0006

Mitre link : CVE-2001-0006

CVE.ORG link : CVE-2001-0006


JSON object : View

Products Affected

microsoft

  • windows_nt
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource