CVE-2001-0349

N/A Unknown

Published: July 21, 2001 Modified: April 16, 2026

Description

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://www.kb.cert.org/vuls/id/587587

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/2849

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/6664

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/587587

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/bid/2849

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/6664

Source: af854a3a-2127-422b-91ae-364da2661108

8 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

2.7%

86th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

microsoft