Microsoft Windows 2000 Windows Station Access Vulnerability
BID:1350
Info
Microsoft Windows 2000 Windows Station Access Vulnerability
| Bugtraq ID: | 1350 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 15 2000 12:00AM |
| Updated: | Jun 15 2000 12:00AM |
| Credit: | Publicized in a Microsoft Security Bulletin (MS00-020) on June 15, 2000. |
| Vulnerable: |
Microsoft Windows 2000 Server Microsoft Windows 2000 Professional Microsoft Windows 2000 Advanced Server |
| Not Vulnerable: | |
Discussion
Microsoft Windows 2000 Windows Station Access Vulnerability
Any user logged on locally to a Windows 2000 machine is capable of accessing processes in other users' windows stations, such as system processes. This would allow for the possible modification of processes which run in a less restricted security context than the user's.
This vulnerability only affects the local machine and could not be used to access processes on remote systems.
Any user logged on locally to a Windows 2000 machine is capable of accessing processes in other users' windows stations, such as system processes. This would allow for the possible modification of processes which run in a less restricted security context than the user's.
This vulnerability only affects the local machine and could not be used to access processes on remote systems.
Exploit / POC
Microsoft Windows 2000 Windows Station Access Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
References
Microsoft Windows 2000 Windows Station Access Vulnerability
References:
References: