NVD

Id
33123  
Name
CVE-2014-5455  
Description
Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0 allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-08-25  
Modified Date
2016-11-14  
Seq
2014-5455  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
173648 33123 CVE-2014-5455 http://packetstormsecurity.com/files/127439/OpenVPN-Private-Tunnel-Privilege-Escalation.html  View
173649 33123 CVE-2014-5455 34037  View
173650 33123 CVE-2014-5455 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5192.php  View
173651 33123 CVE-2014-5455 HPSBGN3551  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15068 JVNDB-2014-003943 OpenVPN に同梱された PrivateTunnel の ptservice サービスにおける権限を取得される脆弱性 OpenVPN に同梱された PrivateTunnel の ptservice サービスには、引用符で囲まれていない Windows 検索パスにより、権限を取得される脆弱性が存在します。 CVE-2014-5455 72745 CVE-2014-5455 33123 6.9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003943.html 2014-07-11 2014-08-27 View