CVE-ID

CVE-1999-0585

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A Windows NT administrator account has the default name of Administrator.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (19990721)
Votes (Legacy)
ACCEPT(1) Ozancin
MODIFY(1) Frech
REJECT(3) Baker, Northcutt, Shostack
REVIEWING(1) Wall
Comments (Legacy)
 Wall> Some sources say this is not a vulnerability, but a warning.  It just
   slows down the search for the admin account (SID = 500) which can
   always be found.
 Northcutt> I change this on all NT systems I am responsible for, but is
   root a vulnerability?
 Baker> There are ways to identify the administrator account anyway, so this
   is only a minor delay to someone that is knowledgeable.  This, in and
   of itself, doesn't really strike me as a vulnerability, anymore than
   the root account on a Unix box.
 Shostack> (there is no way to hide the account name today)
 Frech> XF:nt-adminexists

Proposed (Legacy)
19990721
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.