CVE-2001-1302

The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*

History

20 Nov 2024, 23:37

Type Values Removed Values Added
References () http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=1911 - () http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=1911 -
References () http://www.securityfocus.com/bid/3063 - Vendor Advisory () http://www.securityfocus.com/bid/3063 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/6876 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/6876 -

Information

Published : 2001-07-18 04:00

Updated : 2024-11-20 23:37


NVD link : CVE-2001-1302

Mitre link : CVE-2001-1302

CVE.ORG link : CVE-2001-1302


JSON object : View

Products Affected

microsoft

  • windows_2000