MS00-067: Telnet Client NTLM Authentication Vulnerability (272743)

This script is Copyright (C) 2000-2014 Tenable Network Security, Inc.


Synopsis :

It may be possible to steal user credentials.

Description :

The hotfix for the 'Telnet Client NTLM Authentication' problem has
not been applied.

This vulnerability may, under certain circumstances, allow a malicious
user to obtain cryptographically protected login credentials from
another user.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms00-067

Solution :

Microsoft has released a patch for Windows 2000.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 10519 ()

Bugtraq ID: 1683

CVE ID: CVE-2000-0834