Insecure ACL Application in SECEDIT Command on Windows 2000

Insecure ACL Application in SECEDIT Command on Windows 2000

CVE-2005-3168 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the template.

Learn more about our Web Application Penetration Testing UK.