Family: Windows : Microsoft Bulletins --> Category: infos
LDAP over SSL could allow passwords to be changed (Q299687) Vulnerability Scan
Vulnerability Scan Summary
Acertains whether the hotfix Q287397 is installed
Detailed Explanation for this Vulnerability Test
A bug in Windows 2000 may allow a possible hacker to change the password of a third
The remote version of Windows 2000 contains a bug in its LDAP implementation
which fails to validate the permissions of a user requesting to change the
password of a third party user.
A possible hacker may exploit this vulnerability to gain unauthorized access to the
Critical / CVSS Base Score : 10
Click HERE for more information and discussions on this network vulnerability scan.