PT-2002-1141 · Microsoft · Exchange 2000 Server

Published

2002-03-08

Updated

2020-04-02

CVE-2002-0049

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server 2000

Description The issue concerns a privilege escalation where the "Everyone" group is given privileges to the WinReg key. This could allow remote attackers to read or modify registry keys.

Recommendations For Microsoft Exchange Server 2000, consider restricting access to the WinReg key to prevent unauthorized modifications until a fix is available.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2002-0049

Affected Products

Exchange 2000 Server

PT-2002-1141 · Microsoft · Exchange 2000 Server

CVE-2002-0049

Weakness Enumeration

Related Identifiers

Affected Products

References · 7