PT-2006-2007 · Ncp · Ncp Network Communication Secure Client

Ports

Published

2006-03-02

Updated

2018-10-18

CVE-2006-0968

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NCP Network Communication Secure Client version 8.11 Build 146

Description The issue allows local users to execute arbitrary code by modifying the connect.bat script, which is automatically executed by the service after a connection is established.

Recommendations For NCP Network Communication Secure Client version 8.11 Build 146, consider restricting access to the connect.bat script to prevent modification and potential code execution until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0968

Affected Products

Ncp Network Communication Secure Client

PT-2006-2007 · Ncp · Ncp Network Communication Secure Client

CVE-2006-0968

Related Identifiers

Affected Products

References · 7