Skip to main content

CVE-2001-0502

Severity Medium
Score 4.6/10

Summary

Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.

  • LOW
  • LOCAL
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published