Vulnerabilities > CVE-2007-2950 - Local Privilege Escalation vulnerability in Discovery and Asset Manager
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 | |
| Application | 1 |
References
- http://secunia.com/advisories/25354
- http://secunia.com/advisories/25374
- http://secunia.com/advisories/25379
- http://secunia.com/secunia_research/2007-58/advisory/
- http://secunia.com/secunia_research/2007-59/advisory/
- http://secunia.com/secunia_research/2007-60/advisory/
- http://www.securityfocus.com/bid/25000
- http://www.vupen.com/english/advisories/2007/2599
- http://www.vupen.com/english/advisories/2007/2600
- http://www.vupen.com/english/advisories/2007/2603
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35563
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35564