Oval Definition:oval:org.mitre.oval:def:500
Revision Date:2008-03-24Version:44
Title:Default Permissions on RAS Administration Key
Description:The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2001-0045
Platform(s):Microsoft Windows NT
Product(s):Remote Access Service (RAS)
Definition Synopsis
  • Software section
  • Microsoft Windows NT is installed
  • AND For Windows NT 4.0 Workstation, Server and Enterprise Edition
  • File %windir%\system32\tcpcfg.dll version is less than 4.0.1381.7064
  • AND NOT Windows NT 4.0 Security Roll-up Package
  • AND For Terminal Server
  • this is an NT Terminal Server
  • AND File %windir%\system32\tcpcfg.dll version is less than 4.0.1381.7097
  • AND NOT Patch Q265714 Installed
  • AND Configuration section
  • RAS Enabled
    • BACK