Vulnerabilities > CVE-2006-5965 - Unspecified vulnerability in Passgo SSO Plus 2.1.0.32
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
PassGo SSO Plus 2.1.0.32, and probably earlier versions, uses insecure permissions (Everyone/Full Control) for the PassGo Technologies directory, which allows local users to gain privileges by modifying critical programs.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://secunia.com/advisories/22301
- http://secunia.com/advisories/22301
- http://secunia.com/secunia_research/2006-68/advisory
- http://secunia.com/secunia_research/2006-68/advisory
- http://securitytracker.com/id?1017272
- http://securitytracker.com/id?1017272
- http://www.securityfocus.com/archive/1/452325/100/0/threaded
- http://www.securityfocus.com/archive/1/452325/100/0/threaded
- http://www.securityfocus.com/bid/21244
- http://www.securityfocus.com/bid/21244
- http://www.vupen.com/english/advisories/2006/4660
- http://www.vupen.com/english/advisories/2006/4660
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30475
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30475