Local User Access to Kernel Memory in WatchGuard ServerLock for Windows 2000
CVE-2003-0642

Currently unrated

Key Information:

Vendor: Watchguard
Status: Serverlock
Vendor: CVE Published:; 27 August 2003

Summary

WatchGuard ServerLock prior to version SL 2.0.4 for Windows 2000 is susceptible to a symlink attack that allows local users unauthorized access to kernel memory. This vulnerability is due to improper handling of symbolic links that can be exploited to potentially read sensitive memory areas, thereby jeopardizing system security and data integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/12666

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/8223

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=105848106631132&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Aug 27, 2003
Vulnerability Reserved
Aug 1, 2003