CVE-2005-2150

CVE Database · CVE-2005-2150

CVE-2005-2150

· N/AModified

CVSS v3.1

N/A

EPSS

19.36%

Published

Jul 11, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

Affected Products (2)

microsoft · windows_2000vulnerable

microsoft · windows_ntvulnerable

References (16)

http://marc.info/?l=bugtraq&m=112076409813099&w=2

http://secunia.com/advisories/14189

http://securitytracker.com/id?1014417

http://www.hsc.fr/ressources/presentations/null_sessions/

http://www.securityfocus.com/bid/14177

http://www.securityfocus.com/bid/14178

https://exchange.xforce.ibmcloud.com/vulnerabilities/21286

https://exchange.xforce.ibmcloud.com/vulnerabilities/21288

http://marc.info/?l=bugtraq&m=112076409813099&w=2

http://secunia.com/advisories/14189

http://securitytracker.com/id?1014417

http://www.hsc.fr/ressources/presentations/null_sessions/

KEV Catalog EPSS Scores Vendors All CVEs