First published: Fri Dec 31 2004(Updated: )
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Novell Client Firewall | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-2554 is considered a critical vulnerability due to its potential for local users to execute arbitrary code with SYSTEM privileges.
To fix CVE-2004-2554, users should update to a patched version of Novell Client Firewall or remove the software if it's no longer needed.
CVE-2004-2554 affects local users on systems running Novell Client Firewall version 2.0.
No, CVE-2004-2554 requires local access to the machine to exploit the vulnerability.
Exploiting CVE-2004-2554 allows an attacker to execute arbitrary code with SYSTEM privileges, potentially leading to full control over the system.