Microsoft Web Client Extender NTLM Authentication Vulnerability

Bugtraq ID: 2199
Class: Design Error
CVE:
Remote: Yes
Local: Yes
Published: Jan 11 2001 12:00AM
Updated: Jan 11 2001 12:00AM
Credit: Discovered by David Litchfield of @Stake and publicized in a Microsoft Security Bulletin (MS01-001) on January 11, 2001.
Vulnerable: Microsoft Windows ME
Microsoft Windows 2000 Server
+ Avaya DefinityOne Media Servers
+ Avaya IP600 Media Servers
+ Avaya S3400 Message Application Server 0
+ Avaya S8100 Media Servers 0
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server
Microsoft Office 2000
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus