Group Policy Bypass in Microsoft Windows 2000 Terminal Services
CVE-2002-0444

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000 Terminal Services
Vendor: CVE Published:; 26 July 2002

What is CVE-2002-0444?

Microsoft Windows 2000 Terminal Services, including the 90-day trial version, may not enforce group policies when the number of connections to the SYSVOL share reaches its limit, potentially allowing remote authenticated users to bypass established group policies. This flaw could expose sensitive configurations, leading to unauthorized access or privilege escalation.

References

http://www.securityfocus.com/archive/1/266729

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8813.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4464

vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2002
Vulnerability Reserved
Jun 7, 2002