PT-2002-2120 · Microsoft+1 · Exchange 2000+1

Published

2002-10-04

Updated

2017-10-10

CVE-2002-1117

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Veritas Backup Exec versions 8.5 and earlier

Description: The issue concerns a configuration requirement in Veritas Backup Exec for Microsoft Exchange 2000, where the RestrictAnonymous registry key must be set to 0. This setting enables anonymous listing of the SAM database and shares.

Recommendations: For Veritas Backup Exec versions 8.5 and earlier, consider updating the RestrictAnonymous registry key setting to restrict anonymous access, as setting it to 0 enables potentially risky anonymous listing of the SAM database and shares.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1117

Affected Products

Exchange 2000

Veritas Backup Exec

PT-2002-2120 · Microsoft+1 · Exchange 2000+1

CVE-2002-1117

Related Identifiers

Affected Products

References · 7