PT-2006-2007 · Ncp · Ncp Network Communication Secure Client

Ports

Publicado

2006-03-02

Atualizado

2018-10-18

CVE-2006-0968

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NCP Network Communication Secure Client version 8.11 Build 146

Description The issue allows local users to execute arbitrary code by modifying the connect.bat script, which is automatically executed by the service after a connection is established.

Recommendations For NCP Network Communication Secure Client version 8.11 Build 146, consider restricting access to the connect.bat script to prevent modification and potential code execution until a fix is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-0968

Produtos afetados

Ncp Network Communication Secure Client

PT-2006-2007 · Ncp · Ncp Network Communication Secure Client

CVE-2006-0968

Identificadores relacionados

Produtos afetados

Referências · 7