CVE-2005-3169 — MEDIUM (5.0)

Vulnerability Description

Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activities without detection.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Microsoft	Windows 2000	All versions

References

http://support.microsoft.com/kb/833873PatchVendor Advisory
http://support.microsoft.com/kb/900345PatchVendor Advisory
http://support.microsoft.com/kb/833873PatchVendor Advisory
http://support.microsoft.com/kb/900345PatchVendor Advisory

FAQ

What is CVE-2005-3169?

CVE-2005-3169 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Di...

How severe is CVE-2005-3169?

CVE-2005-3169 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-3169?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.