Lucene search

[email protected]CVE-2005-2579

HistoryAug 16, 2005 - 4:00 a.m.

CVE-2005-2579

2005-08-1604:00:00

[email protected]

web.nvd.nist.gov

nortel

contivity

vpn

client

privilege escalation

certificate

configuration

vulnerability

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.

Affected configurations

NVD

Node

nortelcontivityMatchv05_01.030

CPENameOperatorVersion
nortel:contivitynortel contivityeqv05_01.030

CPE	Name	Operator	Version
nortel:contivity	nortel contivity	eq	v05_01.030

References

marc.info/?l=bugtraq&m=112370730131219&w=2

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2005-2579

cvelist1 nvd1