Vulnerability CVE-2007-2950
Published: 2007-07-23   Modified: 2012-02-12

Description:
Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Symantec -> Discovery 
Numara -> Asset manager 
Centennial -> Discovery 

 References:
http://www.vupen.com/english/advisories/2007/2603
http://www.vupen.com/english/advisories/2007/2600
http://www.vupen.com/english/advisories/2007/2599
http://secunia.com/secunia_research/2007-60/advisory/
http://secunia.com/secunia_research/2007-59/advisory/
http://secunia.com/secunia_research/2007-58/advisory/
http://secunia.com/advisories/25379
http://secunia.com/advisories/25374
http://secunia.com/advisories/25354
http://xforce.iss.net/xforce/xfdb/35564
http://xforce.iss.net/xforce/xfdb/35563
http://xforce.iss.net/xforce/xfdb/35562
http://www.securityfocus.com/bid/25000
Copyright 2024, cxsecurity.com

 

Back to Top