CVE-2003-1544

Current Description

Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.

Basic Data

PublishedDecember 31, 2003
Last ModifiedAugust 08, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationSINGLE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score6.8
SeverityMEDIUM
Exploitability Score8.0
Impact Score6.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSMicrosoftWindows 2000*sp3adv_srv*****
    2.3OSMicrosoftWindows 2000*sp3srv*****

Vulnerable Software List

VendorProductVersions
Microsoft Windows 2000 *

References

NameSourceURLTags
7959http://secunia.com/advisories/7959SECUNIAVendor Advisory
3654http://securityreason.com/securityalert/3654SREASON
815225http://support.microsoft.com/kb/815225/en-usMSKB
20030123 DoS attack on Windows 2000 Terminal Serverhttp://www.securityfocus.com/archive/1/308059BUGTRAQ
20030124 RE: DoS attack on Windows 2000 Terminal Serverhttp://www.securityfocus.com/archive/1/308164BUGTRAQ
6672http://www.securityfocus.com/bid/6672BID
1005986http://www.securitytracker.com/id?1005986SECTRACK
win2k-terminal-msgina-dos(11141)https://exchange.xforce.ibmcloud.com/vulnerabilities/11141XF
win2k-terminal-msgina-permissions(11816)https://exchange.xforce.ibmcloud.com/vulnerabilities/11816XF