Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1169

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2003-1169
Last Modified 05 Sep 2008 04:36:13
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1169

Summary

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which alows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

Vulnerable Systems

Application

  • Datev Nutzungskontrolle 2.1

  • Datev Nutzungskontrolle 2.2


References

XF - nutzungskontrolle-registry-security-bypass(13589)

BID - 8950

FULLDISC - 20031101 DATEV Nutzungskontrolle Bypassing (REG)


Last Updated: 27 May 2016 10:38:16