CVE-2004-0540
Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
Date published : 2004-06-08
http://support.microsoft.com/default.aspx?scid=kb;en-us;830847