Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1103

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-1103
Last Modified 05 Sep 2008 04:48:13
Published 12 Apr 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-1103

Summary

Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA.

Vulnerable Systems

Application

  • Sygate Technologies Security Agent 3.5 Build 2576

  • Sygate Technologies Security Agent 3.5 Build 2577

  • Sygate Technologies Security Agent 4.0

  • Sygate Technologies Security Agent 4.1


References

BUGTRAQ - 20050412 IRM 011: Sygate,Security Agent (Sygate Secure Enterprise) Fail Open


Last Updated: 27 May 2016 10:40:02