CVE-2004-2554
Summary
| CVE | CVE-2004-2554 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-12-31 05:00:00 UTC |
| Updated | 2017-07-11 01:32:00 UTC |
| Description | Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Novell | Client Firewall | 2.0 | All | All | All |
| Application | Novell | Client Firewall | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Agnitum Outpost Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM Privileges - SecurityTracker | SECTRACK | securitytracker.com | |
| O-090: Vulnerability in Novell Client Firewall Tray Icon | CIAC | www.ciac.org | Vendor Advisory |
| Secunia - Advisories - Novell Client Firewall Privilege Escalation Vulnerability | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Agnitum Outpost Firewall Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | |
| 4120 | OSVDB | www.osvdb.org | |
| TID-10090585 Novell Client Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM ( 01MAR2004) | CONFIRM | support.novell.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.