Lucene search

[email protected]NVD:CVE-2006-0968

HistoryMar 02, 2006 - 11:02 p.m.

CVE-2006-0968

2006-03-0223:02:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

The ncprwsnt service in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to execute arbitrary code by modifying the connect.bat script, which is automatically executed by the service after a connection is established.

Affected configurations

NVD

Node

ncp_network_communicationssecure_clientMatch8.11_build_146

References

lists.grok.org.uk/pipermail/full-disclosure/2006-March/042640.html

secunia.com/advisories/19082

securityreason.com/securityalert/524

www.securityfocus.com/archive/1/426480/100/0/threaded

www.securityfocus.com/bid/16906

exchange.xforce.ibmcloud.com/vulnerabilities/25251

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

Related for NVD:CVE-2006-0968

cve1 prion1 cvelist1