NTFS File System Vulnerability in Windows NT 4.0 and Windows 2000 SP2
CVE-2002-0725

5.5MEDIUM

Key Information:

Vendor

Microsoft
Status
Windows 2000 Terminal Services
Windows 2000
Vendor
CVE Published:
5 September 2002

What is CVE-2002-0725?

Local attackers can exploit a vulnerability in the NTFS file system of Windows NT 4.0 and Windows 2000 SP2 to conceal file usage activities. By creating a hard link to a target file, the attacker can manipulate the audit trail, causing it to log the hard link's activity instead of the actual target file. This diversion can hinder incident response and forensics, posing a significant risk to security monitoring and data integrity.

References

http://www.iss.net/security_center/static/9869.php
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/5484
vdb-entryx_refsource_BID
http://www.atstake.com/research/advisories/2000/a081602-1...
vendor-advisoryx_refsource_ATSTAKE

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.