Privilege Escalation via Nortel Contivity VPN Client V05_01.030 Certificate Configuration Vulnerability
CVE-2005-2579 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
Learn more about our User Device Pen Test.