CVE-2000-1200

Published: Mar 9, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20000201 Windows NT and account list leak ! A new SID usage

mailing-list

x_refsource_BUGTRAQ

nt-lsa-domain-sid(4015)

vdb-entry

x_refsource_XF

959

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2000-1200

Description

Affected Products

References