CVE-2004-0540

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000

Description The issue occurs when Microsoft Windows 2000 is running in a domain with a Fully Qualified Domain Name (FQDN) that is exactly 8 characters long. In this scenario, the system fails to prevent users with expired passwords from logging on to the domain.

Recommendations For Microsoft Windows 2000, consider implementing a workaround to enforce password expiration policies, such as manually tracking and disabling accounts with expired passwords until a more permanent solution can be applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.