CVE-2002-0725

MEDIUM

Microsoft Windows 2000 - Symlink Following

Title source: rule

Description

NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.

References (3)

[Broken Link] http://www.atstake.com/research/advisories/2000/a081602-1.txt

[Broken Link, Vendor Advisory] http://www.iss.net/security_center/static/9869.php

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5484

Scores

CVSS v3 5.5

EPSS 0.0066

EPSS Percentile 70.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Classification

CWE

CWE-59

Status draft

Affected Products (2)

microsoft/windows_2000

microsoft/windows_nt

Timeline

Published Sep 05, 2002

Tracked Since Feb 18, 2026