Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0502


Vulnerability Score 4.6 4.6
CVE Id CVE-2001-0502
Last Modified 05 Sep 2008 04:24:16
Published 21 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


MS - MS01-036

XF - win2k-ldap-change-passwords(6745)

BID - 2929

CIAC - L-101

Last Updated: 27 May 2016 10:36:18