Vulnerabilities > CVE-2005-3171 - Local Security vulnerability in Windows 2000 Advanced Server

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

NVD

Published: 2005-10-06

Updated: 2008-09-05

Summary

Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe that the system is compliant with the specified settings.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

References

http://support.microsoft.com/kb/884559
http://support.microsoft.com/kb/900345