Showing 1 - 1 of 1

CVE-2007-5665

Status Candidate

Overview

STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory.

Related Files

iDEFENSE Security Advisory 2007-12-24.1: Posted Jan 5, 2008; Authored by iDefense Labs, Stephen Fewer | Site idefense.com; iDefense Security Advisory 12.24.07 - Local exploitation of a privilege escalation vulnerability in Novell ZENworks Endpoint Security Management allows attackers to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in STEngine.exe version 3.5.0.20 as included with Novell Inc's ZENworks Endpoint Security Management 3.5. Other versions may also be affected.; tags | advisory, arbitrary, local; advisories | CVE-2007-5665; SHA-256 | c21648e448a450e5c089b4ac38b4da87f03e5e26df576e7609afeb546933705f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 136 files
Ubuntu 91 files
indoushka 33 files
Debian 22 files
nu11secur1ty 15 files
Gentoo 13 files
Apple 13 files
Google Security Research 8 files
CraCkEr 6 files
mjurczyk 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,846)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,335)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,841)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,925)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,949)
UNIX (9,317)
UnixWare (186)
Windows (6,590)
Other

CVE-2007-5665

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems