Lucene search
K

3 matches found

CVE
CVE
added 2008/01/09 12:0 a.m.54 views

CVE-2007-5665

The CVE-2007-5665 issue affects Novell ZENworks Endpoint Security Management (ESM) STEngine.exe (version around 3.5.0.20) where diagnostic report generation uses scripts in a world-writable directory. The service runs as SYSTEM and will execute a command shell found in that directory; if a local ...

7.2CVSS6.4AI score0.00367EPSS
Exploits1References5Affected Software1
seebug.org
seebug.org
added 2008/01/08 12:0 a.m.28 views

Novell ZENworks ESM客户端STEngine.exe本地权限提升漏洞

BUGTRAQ ID: 27146 CVECAN ID: CVE-2007-5665 Novell ZENworks Endpoint Security Management(ESM)的安全客户端允许集中管理防火墙保护策略。 ESM在处理命令的执行时存在漏洞,本地攻击者可能利用此漏洞提升自己的权限。 当在工作站上安装ZENworks ESM的安全客户端时,就会将STEngine服务设置为在本地SYSTEM帐号下运行。以下可执行程序中实现这个服务: 文件名:STEngine.exe(1,847,296字节) 版本:3.5.0.20...

7.2CVSS6.4AI score0.00367EPSS
Exploits1
securityvulns
securityvulns
added 2008/01/06 12:0 a.m.69 views

iDefense Security Advisory 12.24.07: Novell ZENworks Endpoint Security Management Local Privilege Escalation Vulnerability

iDefense Security Advisory 12.24.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 24, 2007 I. BACKGROUND Novell ZENworks Endpoint Security Management ESM Security Client provides centrally managed, policy based firewall protection for clients. It is designed to be installed on all...

7.2CVSS1AI score0.00367EPSS
Exploits1
Rows per page
Query Builder