Security Alerts




Minor Local Privilege Escalation Flaw in WSM Server Software

Severity: Low Summary: This vulnerability affects:  WatchGuard System Manager (WSM) Server Software. How an attacker exploits it: By placing a specially crafted DLL into a specific WatchGuard path Impact:  When you install WSM into a non-hardened, non-default directory, local users can execute code on your Windows computer with SYSTEM privileges  (see mitigating factors below) What to do: If you install WSM in a non-default location, or use XP, change the directory permissions of the WatchGuard folder Exposure: This week, Julien Ahrens of RCE Security disclosed a local elevation of privilege vulnerability that affects the Server Software portion of WatchGuard System Manager (WSM) 11.7.4 and below

Source:
Minor Local Privilege Escalation Flaw in WSM Server Software
September 11, 2013 — Category: Security Alerts