CVE-2005-2554

2005-08-1204:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the “Common Framework\Db” folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.

References

knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml

lists.virus.org/full-disclosure-0508/msg00376.html

reedarvin.thearvins.com/20050811-01.html

secunia.com/advisories/16410

www.osvdb.org/18735

www.securityfocus.com/bid/14549

www.vupen.com/english/advisories/2005/1402

exchange.xforce.ibmcloud.com/vulnerabilities/21839