PT-1999-1535 · Cabletron · Spectroserver+1

Published

1999-06-23

Updated

2016-10-18

CVE-1999-1019

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cabletron Spectrum Enterprise Manager version 5.0

Description The issue concerns insecure permissions in the directory tree installed by SpectroSERVER, allowing local users to replace a privileged executable with a Trojan horse. This could lead to a root or Administrator compromise.

Recommendations For Cabletron Spectrum Enterprise Manager version 5.0, consider changing the permissions of the directory tree installed by SpectroSERVER to prevent local users from modifying the privileged executable processd. As a temporary workaround, restrict access to the processd executable until a proper fix is applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1019

Affected Products

Cabletron Spectrum Enterprise Manager

Spectroserver

PT-1999-1535 · Cabletron · Spectroserver+1

CVE-1999-1019

Related Identifiers

Affected Products

References · 4