QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-3170

Back to search

CVE-2005-3170

Published: Oct 6, 2005

Modified: Dec 5, 2024

PUBLISHED

Description

The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site.

VendorProductVersions

n/a

n/a

affected
n/a

References

883639
vendor-advisory
x_refsource_MSKB
900345
vendor-advisory
x_refsource_MSKB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now