First published: Tue Dec 31 2002(Updated: )
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Site Server | =3.0-sp2 | |
Microsoft Site Server | =3.0-sp2_alpha | |
Microsoft Site Server Commerce | =3.0-sp3_alpha | |
Microsoft Site Server | =3.0-sp3_alpha | |
Microsoft Site Server | =3.0-sp1_alpha | |
Microsoft Site Server | =3.0 | |
Microsoft Site Server Commerce | =3.0-sp1_alpha | |
Microsoft Site Server | =3.0-apha | |
Microsoft Site Server | =3.0-sp1 | |
Microsoft Site Server Commerce | =3.0-alpha | |
Microsoft Site Server | =3.0-sp3 | |
Microsoft Site Server Commerce | =3.0-sp2_alpha | |
Microsoft Site Server Commerce | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.