Arbitrary Code Execution with SYSTEM Privileges in Novell Client Firewall (NCF) 2.0

Arbitrary Code Execution with SYSTEM Privileges in Novell Client Firewall (NCF) 2.0

CVE-2004-2554 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.

Learn more about our User Device Pen Test.