CVE-2005-3177

Published: Oct 6, 2005Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.

Affected (3)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows Xp

3 products

Windows 2003 Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	Version r2
Microsoft Windows Xp	All versions

References (6)

http://support.microsoft.com/kb/831374

Source: cve@mitre.org

PatchVendor Advisory

http://support.microsoft.com/kb/831375

Source: cve@mitre.org

PatchVendor Advisory

http://support.microsoft.com/kb/900345

Source: cve@mitre.org

http://support.microsoft.com/kb/831374

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://support.microsoft.com/kb/831375

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://support.microsoft.com/kb/900345

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.