• info
• discussion
• exploit
• solution
• references

Microsoft Windows 2000 LDAP SSL Password Modification Vulnerability

Solution:
The Microsoft patch Q299687, as described in Microsoft Security Bulletin MS01-036, has been superseded. The new patch is Q318593, as described in Microsoft Security Bulletin MS02-016.

Fixes for Microsoft Windows 2000 Datacenter Server are hardware specific. Those affected should contact the original manufacturer of their hardware about the availability of Datacenter Server fixes.


Microsoft Windows 2000 Server SP2

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

Microsoft Windows 2000 Advanced Server SP1

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

Microsoft Windows 2000 Server SP1

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

Microsoft Windows 2000 Advanced Server SP2

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

Microsoft Windows 2000 Advanced Server

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844

Microsoft Windows 2000 Server

• Microsoft Q318593
  This fix applies to Windows 2000 Domain Controller.
  http://www.microsoft.com/Downloads/Release.asp?ReleaseID=36844