Description
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Russ Cooper · textlocalwindows
https://www.exploit-db.com/exploits/19192
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ217004
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-005
Scores
EPSS
0.0626
EPSS Percentile
91.0%
Details
CWE
CWE-200
Status
published
Products (3)
microsoft/backoffice
4.0
microsoft/windows_2000
microsoft/windows_nt
Published
Feb 12, 1999
Tracked Since
Feb 18, 2026