Vulnerabilities > CVE-2005-3176 - Remote Security vulnerability in Windows 2000 Advanced Server

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2005-10-06

Updated: 2008-09-05

Summary

Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

References

http://support.microsoft.com/kb/891076
http://support.microsoft.com/kb/900345