Back to search
CVE-2005-2554
Published: Aug 12, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2005-1402
vdb-entry
x_refsource_VUPEN
20050811 Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
mailing-list
x_refsource_FULLDISC
epolicy-orchestrator-gain-privileges(21839)
vdb-entry
x_refsource_XF
14549
vdb-entry
x_refsource_BID
16410
third-party-advisory
x_refsource_SECUNIA
18735
vdb-entry
x_refsource_OSVDB
http://reedarvin.thearvins.com/20050811-01.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now