Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-5667
HistoryNov 14, 2007 - 1:46 a.m.

CVE-2007-5667

2007-11-1401:46:00
CWE-20
[email protected]
web.nvd.nist.gov
19
novell client
nwfilter.sys
cve-2007-5667
windows
privilege escalation
security vulnerability
kernel memory

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the .\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

Affected configurations

NVD
Node
microsoftwindows_2000adv_srv
OR
microsoftwindows_2000datacenter_srv
OR
microsoftwindows_2000pro
OR
microsoftwindows_2000srv
OR
microsoftwindows_2000srvja
OR
microsoftwindows_2000Match-
OR
microsoftwindows_2003_serveritanium
OR
microsoftwindows_2003_serverstd
OR
microsoftwindows_2003_serverwed
OR
microsoftwindows_2003_serverx64
OR
microsoftwindows_2003_serverx64-std
OR
microsoftwindows_2003_serverxp-64bit
OR
microsoftwindows_2003_serverMatch-
OR
microsoftwindows_server_2003
OR
microsoftwindows_xp64bit
OR
microsoftwindows_xpembedded
OR
microsoftwindows_xpibm_oem
OR
microsoftwindows_xpmedia_center
OR
microsoftwindows_xppro
OR
microsoftwindows_xptablet_pc
OR
microsoftwindows_xpx64
OR
microsoftwindows_xpMatch-
AND
novellclientMatch4.91sp1
OR
novellclientMatch4.91sp2
OR
novellclientMatch4.91sp3
OR
novellclientMatch4.91sp4
CPENameOperatorVersion
novell:clientnovell clienteq4.91

Related

securityvulns 2
prion 1
seebug 1
nvd 1
cvelist 1
securityvulns
securityvulns
Novell Netware client privilege escalation
2007-11-14 00:00:00
iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability
2007-11-14 00:00:00
prion
prion
Memory corruption
2007-11-14 01:46:00
seebug
seebug
Novell Client for Windows NWFILTER.SYS驱动本地权限提升漏洞
2007-11-15 00:00:00
nvd
nvd
CVE-2007-5667
2007-11-14 01:46:00
cvelist
cvelist
CVE-2007-5667
2007-11-14 01:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON
Related for CVE-2007-5667
securityvulns2prion1seebug1nvd1cvelist1