Vulnerability Description
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2003 Server | r2 |
| Microsoft | Windows Xp | All versions |
References
- http://support.microsoft.com/kb/831374PatchVendor Advisory
- http://support.microsoft.com/kb/831375PatchVendor Advisory
- http://support.microsoft.com/kb/900345
- http://support.microsoft.com/kb/831374PatchVendor Advisory
- http://support.microsoft.com/kb/831375PatchVendor Advisory
- http://support.microsoft.com/kb/900345
FAQ
What is CVE-2005-3177?
CVE-2005-3177 is a vulnerability with a CVSS score of 4.6 (MEDIUM). CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table c...
How severe is CVE-2005-3177?
CVE-2005-3177 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3177?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2003 Server, Microsoft Windows Xp.