Vulnerability Description
Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://support.microsoft.com/kb/830847PatchVendor Advisory
- http://support.microsoft.com/kb/900345PatchVendor Advisory
- http://support.microsoft.com/kb/830847PatchVendor Advisory
- http://support.microsoft.com/kb/900345PatchVendor Advisory
FAQ
What is CVE-2005-3174?
CVE-2005-3174 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.
How severe is CVE-2005-3174?
CVE-2005-3174 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3174?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.