Windows password weakness

Added: 12/19/2005
CVE: CVE-1999-0503

Background

Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permission to access.

Problem

Administrators often set up new user accounts with no password or with a default password which is easy to guess. Additionally, some users may choose a simple password which is easy to remember. Null passwords and passwords that are very similar to the login name are an easy way for attackers to gain access to the system.

Resolution

Protect all accounts with a password that cannot be guessed. Require users to choose passwords which are eight charactes long, including numeric and non-alphanumeric characters, and which are not based on the login name or any other personal information about the user.

References

http://www.securityfocus.com/infocus/1537

Limitations

This exploit performs password guessing, not cracking. Therefore, a full dictionary attack will take a long time due to network latency. Guessing more than two passwords in rapid succession against user accounts will lock out accounts on systems with typical lockout policies. Successful password guesses do not result in a SAINTexploit connection unless the user has rights to a shared drive.

Platforms

Windows

Back to exploit index