Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

LDAP over SSL could allow passwords to be changed (Q299687) Vulnerability Scan


Vulnerability Scan Summary
Acertains whether the hotfix Q287397 is installed

Detailed Explanation for this Vulnerability Test

Synopsis :

A bug in Windows 2000 may allow a possible hacker to change the password of a third
party user.

Description :

The remote version of Windows 2000 contains a bug in its LDAP implementation
which fails to validate the permissions of a user requesting to change the
password of a third party user.

A possible hacker may exploit this vulnerability to gain unauthorized access to the
remote host.

Solution :

http://www.microsoft.com/technet/security/bulletin/ms01-036.mspx

Threat Level:

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.