CVE Catalog

CVE-2000-0089

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
2.26%

81th percentile — higher than 81% of all known CVEs

Summary

The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, leading to the exposure of sensitive data.

Risk Assessment

Allowing local users access to registry information may lead to privilege escalation and compromise of data confidentiality within the system.

Recommendation

It is recommended to restrict access to temporary files and update the system to a newer version to minimize the risk associated with this vulnerability.

Original NVD description (English source)

The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS