CVE
- Id
- 557
- CVE No.
- CVE-1999-0575
- Status
- Candidate
- Description
- A Windows NT system"s user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.
- Phase
- Proposed (19990721)
- Votes
- ACCEPT(4) Christey, Ozancin, Shostack, Wall | MODIFY(1) Frech | RECAST(2) Baker, Northcutt
- Comments
- Northcutt> It isn"t a great truth that you should enable all or the above, if you | do you potentially introduce a vulnerbility of filling up the file | system with stuff you will never look at. | Ozancin> It is far less interesting what a user does successfully that what they | attempt and fail at. | Christey> The list of event types is very useful for lookup. | Frech> XF:nt-system-audit | XF:nt-logon-audit | XF:nt-object-audit | XF:nt-privil-audit | XF:nt-process-audit | XF:nt-policy-audit | XF:nt-account-audit | CHANGE> [Baker changed vote from REVIEWING to RECAST]
