Lucene search

[email protected]CVE-2004-2504

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2504

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

alt-n

mdaemon

gui

local users

privileges

child process execution

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.4%

JSON

The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges.

CPENameOperatorVersion
alt-n:mdaemonalt-n mdaemoneq6.8.3
alt-n:mdaemonalt-n mdaemoneq7.2
alt-n:mdaemonalt-n mdaemoneq6.8.1
alt-n:mdaemonalt-n mdaemoneq6.8.4
alt-n:mdaemonalt-n mdaemoneq6.8.0
alt-n:mdaemonalt-n mdaemoneq6.8.5
alt-n:mdaemonalt-n mdaemoneq6.8.2

CPE	Name	Operator	Version
alt-n:mdaemon	alt-n mdaemon	eq	6.8.3
alt-n:mdaemon	alt-n mdaemon	eq	7.2
alt-n:mdaemon	alt-n mdaemon	eq	6.8.1
alt-n:mdaemon	alt-n mdaemon	eq	6.8.4
alt-n:mdaemon	alt-n mdaemon	eq	6.8.0
alt-n:mdaemon	alt-n mdaemon	eq	6.8.5
alt-n:mdaemon	alt-n mdaemon	eq	6.8.2

References

archives.neohapsis.com/archives/bugtraq/2004-11/0385.html

archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.html

archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html

secunia.com/advisories/13225

securitytracker.com/id?1012350

www.osvdb.org/12158

www.securityfocus.com/bid/11736

exchange.xforce.ibmcloud.com/vulnerabilities/18287

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.4%

JSON

Related for CVE-2004-2504

nessus1 cvelist1