Microsoft Windows 2000 LDAP SSL密码修改漏洞

admin
admin
admin
0
文章
0
评论
2022-07-22 07:31:31 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

Microsoft Windows 2000 LDAP SSL密码修改漏洞

  • CNNVD编号:CNNVD-200107-145
  • 危害等级: 中危
  • CVE编号: CVE-2001-0502
  • 漏洞类型: 其他
  • 发布时间: 2001-07-21
  • 威胁类型: 本地
  • 更新时间: 2005-05-02
  • 厂        商: microsoft
  • 漏洞来源: Discovered by Jon ...

漏洞简介

SSL上运行Windows 2000 LDAP Server的一个参数没有在目录原则为域用户并且域数据属性为域密码时正确检查用户权限,本地用户可以利用该漏洞修改其他用户的登录密码。

漏洞公告

The Microsoft patch Q299687, as described in Microsoft Security Bulletin MS01-036, has been superseded. The new patch is Q318593, as described in Microsoft Security Bulletin MS02-016. Fixes for Microsoft Windows 2000 Datacenter Server are hardware specific. Those affected should contact the original manufacturer of their hardware about the availability of Datacenter Server fixes. Microsoft Windows 2000 Server SP2

  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844
Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844
Microsoft Windows 2000 Server SP1
  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844
Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844
Microsoft Windows 2000 Advanced Server
  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844
Microsoft Windows 2000 Server
  • Microsoft Q318593This fix applies to Windows 2000 Domain Controller. http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

参考网址

来源: MS 名称: MS01-036 链接:http://www.microsoft.com/technet/security/bulletin/MS01-036.asp 来源: XF 名称: win2k-ldap-change-passwords(6745) 链接:http://xforce.iss.net/static/6745.php 来源: BID 名称: 2929 链接:http://www.securityfocus.com/bid/2929 来源: CIAC 名称: L-101 链接:http://www.ciac.org/ciac/bulletins/l-101.sHTML

受影响实体

  • Microsoft Windows_2000  

补丁

    暂无

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0