Back to search
CVE-2001-0502
Published: Mar 9, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MS01-036
vendor-advisory
x_refsource_MS
2929
vdb-entry
x_refsource_BID
L-101
third-party-advisory
government-resource
x_refsource_CIAC
win2k-ldap-change-passwords(6745)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now