CVE-1999-1019

Name of the Vulnerable Software and Affected Versions Cabletron Spectrum Enterprise Manager version 5.0

Description The issue concerns insecure permissions in the directory tree installed by SpectroSERVER, allowing local users to replace a privileged executable with a Trojan horse. This could lead to a root or Administrator compromise.

Recommendations For Cabletron Spectrum Enterprise Manager version 5.0, consider changing the permissions of the directory tree installed by SpectroSERVER to prevent local users from modifying the privileged executable processd. As a temporary workaround, restrict access to the processd executable until a proper fix is applied.