The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-10-06T04:00:00Z
Updated: 2024-09-17T01:35:54.920Z
Reserved: 2005-10-06T00:00:00Z
Link: CVE-2005-3170
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2005-10-06T10:02:00.000
Modified: 2024-02-13T17:43:18.500
Link: CVE-2005-3170
Redhat
No data.