Vulnerability CVE-2004-2554


Published: 2004-12-31   Modified: 2012-02-12

Description:
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Novell -> Client firewall 

 References:
http://xforce.iss.net/xforce/xfdb/15367
http://www.securityfocus.com/bid/9441
http://www.osvdb.org/4120
http://www.ciac.org/ciac/bulletins/o-090.shtml
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm
http://securitytracker.com/id?1008755
http://secunia.com/advisories/11014

Copyright 2024, cxsecurity.com

 

Back to Top