Vulnerabilities > CVE-2003-1169 - Unspecified vulnerability in Datev Nutzungskontrolle 2.1/2.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN datev
exploit available
Summary
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | DATEV Nutzungskontrolle 2.1/2.2 Unauthorized Access Vulnerability. CVE-2003-1169. Local exploit for windows platform |
| id | EDB-ID:23327 |
| last seen | 2016-02-02 |
| modified | 2003-11-01 |
| published | 2003-11-01 |
| reporter | t4rku5 |
| source | https://www.exploit-db.com/download/23327/ |
| title | DATEV Nutzungskontrolle 2.1/2.2 Unauthorized Access Vulnerability |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013113.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013113.html
- http://www.securityfocus.com/bid/8950
- http://www.securityfocus.com/bid/8950
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13589
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13589