| VID |
28359 |
| Severity |
30 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
Remote system unlimit local account use of blank passwords to console logon only. The remote system console local account use of blank passwords to log on is possible. Local accounts with blank passwords Terminal Services, Telnet, and FTP network services, such as interactive logon allows remote denial of service attacks can be used.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
1. Run> SECPOL.MSC > Local Policies> Security Options
2. 'Accounts: Limit local account use of blank passwords to console logon only' setting the value to 'Enabled' |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
