Vulnerabilities > CVE-2000-0770 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS02-001.NASL |
| description | Trust relationships are created between Windows NT or Windows 2000 domains to allow users in one domain to access resources in other domains without requiring them to authenticate separately to each domain. When a user in a trusted domain requests access to a resource in a trusting domain, the trusted domain supplies authorization data in the form of a list of Security Identifiers (SIDs) that indicate the user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11366 |
| published | 2003-03-12 |
| reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/11366 |
| title | MS02-001: Trusted Domain SID Remote Privilege Escalation (311401) |