PT-2001-1592 · Microsoft · Windows 2000+2

Published

2001-06-18

Updated

2017-10-10

CVE-2001-0373

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows NT and Windows 2000

Description The default configuration of the Dr. Watson program generates user.dmp crash dump files with world-readable permissions. This could allow a local user to gain access to sensitive information.

Recommendations For Windows NT and Windows 2000, consider changing the permissions of the user.dmp crash dump files to restrict access to sensitive information. As a temporary workaround, restrict access to the directory where the crash dump files are stored to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0373

Affected Products

Dr. Watson

Windows 2000

Windows Nt

PT-2001-1592 · Microsoft · Windows 2000+2

CVE-2001-0373

Related Identifiers

Affected Products

References · 5