| Vulnerability Name: | CVE-2004-2554 (CCN-15367) | ||||||||
| Assigned: | 2004-03-01 | ||||||||
| Published: | 2004-03-01 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-2554 Source: CCN Type: SA11014 Novell Client Firewall Privilege Escalation Vulnerability Source: SECUNIA Type: Vendor Advisory 11014 Source: CCN Type: SECTRACK ID: 1008755 Agnitum Outpost Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM Privileges Source: SECTRACK Type: UNKNOWN 1008755 Source: CCN Type: Novell Technical Information Document TID10090585 Novell Client Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM Source: CONFIRM Type: Vendor Advisory http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm Source: CCN Type: CIAC Information Bulletin O-090 Vulnerability in Novell Client Firewall Tray Icon Source: CIAC Type: Vendor Advisory O-090 Source: OSVDB Type: UNKNOWN 4120 Source: CCN Type: OSVDB ID: 4120 Novell Client Firewall Privilege Escalation Source: BID Type: UNKNOWN 9441 Source: CCN Type: BID-9441 Agnitum Outpost Firewall Local Privilege Escalation Vulnerability Source: XF Type: UNKNOWN ncf-tray-icon-gain-privileges(15367) Source: XF Type: UNKNOWN ncf-tray-icon-gain-privileges(15367) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||