PT-2001-2428 · Microsoft · Windows 2000

Published

2001-07-18

Updated

2019-04-30

CVE-2001-1302

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Windows 2000

Description: The issue concerns the change password option in the Windows Security interface, which allows attackers to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages. This is possibly due to a problem in the NetuserChangePassword function.

Recommendations: For Windows 2000, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1302

Affected Products

Windows 2000

PT-2001-2428 · Microsoft · Windows 2000

CVE-2001-1302

Related Identifiers

Affected Products

References · 4