CVE-2001-0502
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/07/2001
Last modified:
03/04/2025
Description
Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.ciac.org/ciac/bulletins/l-101.shtml
- http://www.securityfocus.com/bid/2929
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-036
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6745
- http://www.ciac.org/ciac/bulletins/l-101.shtml
- http://www.securityfocus.com/bid/2929
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-036
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6745