Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_nt | Microsoft | 4.0 (including) | 4.0 (including) |
Windows_nt | Microsoft | 4.0-sp1 (including) | 4.0-sp1 (including) |
Windows_nt | Microsoft | 4.0-sp2 (including) | 4.0-sp2 (including) |
Windows_nt | Microsoft | 4.0-sp3 (including) | 4.0-sp3 (including) |
Windows_nt | Microsoft | 4.0-sp4 (including) | 4.0-sp4 (including) |
Windows_nt | Microsoft | 4.0-sp5 (including) | 4.0-sp5 (including) |
Windows_nt | Microsoft | 4.0-sp6 (including) | 4.0-sp6 (including) |