CVE-2005-4525 - SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control

CVE-2005-4525

Summary

SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch.

References

http://secunia.com/advisories/18175/
http://www.irmplc.com/advisory014.htm
http://www.securityfocus.com/archive/1/419909/100/0/threaded
http://www.securityfocus.com/bid/15977/

Vulnerable Configurations

cpe:2.3:a:sygate_technologies:protection_agent:5.0_build_6144:*:*:*:*:*:*:*
cpe:2.3:a:sygate_technologies:protection_agent:5.0_build_6144:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 19-10-2018 - 15:41)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	15977
bugtraq	20051220 IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent
misc	http://www.irmplc.com/advisory014.htm
secunia	18175

Last major update

19-10-2018 - 15:41

Published

28-12-2005 - 01:03

Last modified

19-10-2018 - 15:41