SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Firewall)  >   Novell Client Firewall Vendors:   Novell
Novell Client Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM Privileges
SecurityTracker Alert ID:  1009284
SecurityTracker URL:  http://securitytracker.com/id/1009284
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 2 2004
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in the Novell Client Firewall (NCF). A local user can gain SYSTEM privileges.

It is reported that the NCF runs with SYSTEM privileges and allows a local user to right-click on the tray icon and then load 'CMD.EXE' with SYSTEM privileges. The local user can then execute arbitrary commands with SYSTEM privileges.

Novel indicates that the NCF is based on the Agnitum Outpost firewall and, as a result, is affected by the recently reported vulnerability in Agnitum Outpost [see Alert ID 1008755].

Impact:   A local user can run operating system commands with SYSTEM privileges.
Solution:   The vendor has released a fix, available on the auto-update site. Novell has assigned Solution ID NOVL95044 to this fix.
Vendor URL:  support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm


http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm

 > Novell Client Firewall Tray Icon Lets Local Users Execute Commands With SYSTEM -
 > TID10090585 (last modified 01MAR2004)

Novell issued a Technical Information Document warning of a vulnerability in the Novell 
Client Firewall (NCF).

According to the report, this vulnerability was fixed on February 27, 2004 and the fix 
posted to the auto-update site on March 1, 2004.

Novel indicates that NCF is based on Agnitum Outpost firewall and, as a result, it is 
vulnerable to the same attack disclosed recently at:

http://www.securitytracker.com/alerts/2004/Jan/1008755.html


 > Document Title: Novell Client Firewall Tray Icon Lets Local
 > Document ID: 10090585
 > Solution ID: NOVL95044
 > Creation Date: 23JAN2004
 > Modified Date: 01MAR2004
 > Novell Product Class: Novell BorderManager Services


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC