Vulnerabilities > CVE-2005-1103 - Unspecified vulnerability in Sygate Technologies Security Agent

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

sygate-technologies

NVD

Published: 2005-04-12

Updated: 2016-10-18

Summary

Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA.

Vulnerable Configurations

Part	Description	Count
Application	Sygate_Technologies Sygate Technologies Security Agent 3.5_Build_2576 Sygate Technologies Security Agent 3.5_Build_2577 Sygate Technologies Security Agent 4.0 Sygate Technologies Security Agent 4.1	4

References

http://marc.info/?l=bugtraq&m=111335219201828&w=2