CVE-2001-0860

Published: Dec 6, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).

Affected (2)

Products: Microsoft: Windows 2000, Windows Xp

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows Xp	All versions

References (6)

http://marc.info/?l=bugtraq&m=100578220002083&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/3541

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7538

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=100578220002083&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3541

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/7538

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.