Vulnerabilities > CVE-2004-2554 - Local Privilege Escalation vulnerability in Novell Client Firewall 2.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://secunia.com/advisories/11014
- http://securitytracker.com/id?1008755
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm
- http://www.ciac.org/ciac/bulletins/o-090.shtml
- http://www.osvdb.org/4120
- http://www.securityfocus.com/bid/9441
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15367