Home » Hacking News » Windows 2000 EFS Temporary File Retrieval Vulnerability

Windows 2000 EFS Temporary File Retrieval Vulnerability

by Phiber on January 22nd, 2001 A problem in the package could allow the recovery of sensitive data encrypted by the EFS. When the file is selected for encryption, and backup copy of the file is moved into the temporary directory using the file name efs0.tmp.....

The data from this file is taken and encrypted using EFS, with the backup file being deleted after the encryption process is performed. However, after the file is encrypted and the file is deleted, the blocks in the file system are never cleared, thus making it possible for a any user on the local host to access the data of the encrypted file, which falls outside of the constrains of access control imposed by the Operating System. This makes it possible for a malicious user to recover sensitive data encrypted by EFS.

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Our online shop
Top sellers
New Items
Books
Software

Xatrix.org © Copyright 2001-2016, Xatrix Security . All Rights Reserved
Most hackers are young because young people tend to be adaptable. As long as you remain adaptable, you can always be a good hacker. - Emmanuel Goldstein

Users login

JOIN XATRIX

Windows 2000 EFS Temporary File Retrieval Vulnerability

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact