Local Module Loading Vulnerability in WatchGuard ServerLock for Windows 2000
CVE-2003-0641

Currently unrated

Key Information:

Vendor: Watchguard
Status: Serverlock
Vendor: CVE Published:; 27 August 2003

Summary

The vulnerability in WatchGuard ServerLock for Windows 2000 prior to version SL 2.0.3 allows local users to exploit the OpenProcess() function to load arbitrary modules. This exploitation can occur through various methods, including DLL injection attacks, the use of ZwSetSystemInformation, and API hooking techniques within the OpenProcess context. As a result, unauthorized code execution may be possible, leading to potential system compromises.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/12665

vdb-entryx_refsource_XF

http://www.osvdb.org/6578

vdb-entryx_refsource_OSVDB

http://marc.info/?l=bugtraq&m=105848106631132&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Aug 27, 2003
Vulnerability Reserved
Aug 1, 2003