Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0444

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0444
Last Modified 05 Sep 2008 04:28:02
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0444

Summary

Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL share exceeds the maximum, e.g. with a maximum number of licenses, which can allow remote authenticated users to bypass group policies.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000 Terminal Services


References

BID - 4464

BUGTRAQ - 20020408 Vulnerability: Windows2000Server running Terminalservices

XF - win2k-terminal-bypass-policies(8813)


Last Updated: 27 May 2016 10:36:54