National Cyber Warfare Foundation (NCWF)

CVE-1999-0582
0 user ratings		1999-07-21 00:00:00
milo
CVEs
 - archive -- 

CVE-1999-0582

Date: 1999-07-21

A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.



References:

Northcutt: The definition is

Baker: Maybe a rewording of this one too. I think most people would agree on some "minimum" policies like 3-5 bad attempts lockout for an hour or until the administrator unlocks the account. Suggested rewrite - A Windows NT account policy does not enforce reasonable minimum security-critical settings for lockouts, e.g. lockout duration, lockout after bad logon attempts, etc

Ozancin: with reservations What is appropriate

Frech: XF:nt-thres-lockout XF:nt-lock-duration XF:nt-lock-window XF:nt-perm-lockout XF:lockout-disable


Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.