CVE-2007-5665 (ZENworks Endpoint Security Management)

CVE-2007-5665 (ZENworks Endpoint Security Management)
BugsAlert Home > CVE-2007-5665 (ZENworks Endpoint Security Management)




STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5665 Learn more about CVE-2007-5665 (ZENworks Endpoint Security Management)


Tags: cve-2007-5665 zenworks endpoint security management

Related Items
SilverSHielD "opendir" Denial of Service Vulnerability
Grub Legacy Security Model bypass exploiting wrong BIOS API usage
Brief: Secunia faces legal threat over flaw advisory
Avaya Communication Manager FreeType Multiple Vulnerabilities
FrSIRT - ZoneAlarm Internet Security Suite Buffer Overflow Vulnerability
VLC highlander bug
Bugtraq: ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow