CVE-2001-1570 - Windows XP with fast user switching and account lockout enabled allows local users to deny user acco

CVE-2001-1570

Summary

Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.

References

http://archives.neohapsis.com/archives/bugtraq/2001-12/0213.html
http://www.iss.net/security_center/static/7731.php
http://www.securityfocus.com/bid/3717

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*

CVSS

Base:	2.1 (as of 05-09-2008 - 20:26)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	3717
bugtraq	20011220 Windows XP security concerns
xf	winxp-fastswitch-account-lockout(7731)

Last major update

05-09-2008 - 20:26

Published

31-12-2001 - 05:00

Last modified

05-09-2008 - 20:26