CVE-2003-1121

Sažetak

Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2) modify arbitrary configuration via the RunAdmin services (SLRAserver.exe and SLRAclient.exe).

Reference

http://www.kb.cert.org/vuls/id/231705
http://www.kb.cert.org/vuls/id/609137
http://www.kb.cert.org/vuls/id/CRDY-5EXQRP
http://www.kb.cert.org/vuls/id/CRDY-5EXQSV
http://www.securityfocus.com/bid/7475
http://www.securityfocus.com/bid/7477
https://exchange.xforce.ibmcloud.com/vulnerabilities/11920
https://exchange.xforce.ibmcloud.com/vulnerabilities/11921

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-07-2017 - 01:29

Objavljeno

31-12-2003 - 05:00