PT-2005-1430 · Woodstone · Servers Alive

Michael Starks

Published

2005-03-16

Updated

2017-07-11

CVE-2005-0352

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Servers Alive versions 4.1 through 5.0

Description The issue allows local users to gain privileges when the software is running as a service and loads local manual under the help menu without dropping SYSTEM privileges.

Recommendations For versions 4.1 through 5.0, consider dropping SYSTEM privileges before loading local manual under the help menu to prevent local users from gaining privileges.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0352

Affected Products

Servers Alive

PT-2005-1430 · Woodstone · Servers Alive

CVE-2005-0352

Related Identifiers

Affected Products

References · 5