CVE-2005-2579

Name of the Vulnerable Software and Affected Versions Nortel Contivity VPN Client version V05 01.030

Description The issue arises when configuring a certificate for authentication, where the system fails to properly drop privileges. This allows local users to elevate their privileges by exploiting the File Open dialog box in a program.

Recommendations For Nortel Contivity VPN Client version V05 01.030, consider restricting access to the certificate configuration feature until a proper fix is applied to ensure the system correctly handles privileges. As a temporary workaround, avoid using the File Open dialog box for certificate configuration to minimize the risk of exploitation.