Vulnerabilities > CVE-2007-2999 - Unspecified vulnerability in Microsoft Windows 2003 Server Gold/Sp1/Sp2
Attack vector
ADJACENT_NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE high complexity
microsoft
Summary
Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 |