PT-2004-3445 · Novell · Novell Client Firewall

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2554

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Novell Client Firewall (NCF) version 2.0

Description The issue allows local users to execute arbitrary code with SYSTEM privileges. This can be achieved by opening the NCF tray icon and utilizing the Help functionality to launch programs with elevated privileges.

Recommendations For Novell Client Firewall (NCF) version 2.0, consider disabling the Help functionality in the NCF tray icon until a patch is available to prevent exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2554

Affected Products

Novell Client Firewall

PT-2004-3445 · Novell · Novell Client Firewall

CVE-2004-2554

Related Identifiers

Affected Products

References · 8