Zurück zur CVE-Übersicht
CVE-2002-2028
LOW(2.1)AV:L/AC:L/Au:N/C:P/I:N/A:N
Risk Signal Score6/100 — NIEDRIG
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
2.1
Technische Schwere
Beschreibung
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
Referenzen
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/01/msg00278.html
- http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq188700
- http://www.heysoft.de/nt/lbh.htm
- http://www.securityfocus.com/bid/3933
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/01/msg00278.html
- http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq188700
- http://www.heysoft.de/nt/lbh.htm
- http://www.securityfocus.com/bid/3933