Vulnerabilities > CVE-2005-3174 - Local Security vulnerability in Windows 2000 Advanced Server

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

NVD

Published: 2005-10-06

Updated: 2008-09-05

Summary

Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

References

http://support.microsoft.com/kb/830847
http://support.microsoft.com/kb/900345