CVE

Id
4042  
CVE No.
CVE-2001-1238  
Status
Candidate  
Description
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.  
Phase
Proposed (20020502)  
Votes
ACCEPT(3) Cole, Frech, Green | NOOP(2) Cox, Foat | REJECT(1) Baker | REVIEWING(1) Wall  
Comments
Baker> I don"t think this is really a vulnerability. If I am not mistaken, | those are "services" which have to be managed by the services control | in windows 2K. This keeps users from killing things the system has | to have. I don"t think it is possible to kill another of other services | in this manner either. Try it on almost any W2K system, and there are any | number of services that you cannot kill from the process tab, rather you | must go to the services controller to stop the service. | I vote to reject this, as this is not a vulnerability, since you would have | to be administrator on the system to change one of these services to a trojan | version anyway.  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
18758 4042 CVE-2001-1238 BUGTRAQ:20010716 W2k: Unkillable Applications  View
18759 4042 CVE-2001-1238 URL:http://www.securityfocus.com/archive/1/197195  View
18760 4042 CVE-2001-1238 XF:win2k-taskmanager-unkillable-process(6919)  View
18761 4042 CVE-2001-1238 URL:http://xforce.iss.net/static/6919.php  View
18762 4042 CVE-2001-1238 BID:3033  View

Related JVN