CVE-2004-2176

Severity

46%

Complexity

39%

Confidentiality

106%

The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.

The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Microsoft

First reported 20 years ago

2004-12-31 05:00:00

Last updated 16 years ago

2008-09-05 20:43:00

Affected Software

Microsoft Windows XP Professional Gold

Microsoft Windows XP Service Pack 2 Home Edition

Microsoft windows xp_sp2 media_center

References

20041012 Writing Trojans that bypass Windows XP Service Pack 2 Firewall

11410

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.