FKIE_CVE-2006-3074

Vulnerability from fkie_nvd - Published: 2006-06-19 10:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
References
cve@mitre.orghttp://secunia.com/advisories/20629Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/25603Vendor Advisory
cve@mitre.orghttp://uninformed.org/index.cgi?v=4&a=4&p=4
cve@mitre.orghttp://uninformed.org/index.cgi?v=4&a=4&p=7
cve@mitre.orghttp://www.kaspersky.com/technews?id=203038695
cve@mitre.orghttp://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
cve@mitre.orghttp://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15
cve@mitre.orghttp://www.rootkit.com/newsread.php?newsid=726
cve@mitre.orghttp://www.securityfocus.com/archive/1/471453/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/18341
cve@mitre.orghttp://www.securityfocus.com/bid/24491
cve@mitre.orghttp://www.securitytracker.com/id?1018257
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2333Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2145Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27104
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34875
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20629Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25603Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://uninformed.org/index.cgi?v=4&a=4&p=4
af854a3a-2127-422b-91ae-364da2661108http://uninformed.org/index.cgi?v=4&a=4&p=7
af854a3a-2127-422b-91ae-364da2661108http://www.kaspersky.com/technews?id=203038695
af854a3a-2127-422b-91ae-364da2661108http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
af854a3a-2127-422b-91ae-364da2661108http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15
af854a3a-2127-422b-91ae-364da2661108http://www.rootkit.com/newsread.php?newsid=726
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/471453/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18341
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24491
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018257
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2333Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2145Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27104
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34875
Impacted products
Vendor Product Version
kaspersky kaspersky_anti-virus 6.0
kaspersky kaspersky_anti-virus 7.0
kaspersky kaspersky_internet_security 6.0
kaspersky kaspersky_internet_security 7.0
kaspersky kaspersky_anti-virus 6.0
microsoft windows *
microsoft windows_server *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85D0F7D-B2F5-49D2-9CA8-1B02A4A72872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "016D3A82-25B8-433E-B159-DC8EBBF68733",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF832371-8A92-4FF6-BB6E-AECB2E5CE7E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA0CCC0-F2BE-4AF8-844E-CEA1B276792D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
    },
    {
      "lang": "es",
      "value": "klif.sys en Kaspersky Internet Security v6.0 y v7.0, Kaspersky Anti-Virus (KAV) v6.0 y v7.0, KAV v6.0 para Windows Workstations, y KAV v6.0 para Windows Servers no validan de forma adecuada ciertos par\u00e1metros de llamadas al sistema \"enganchadas\" sobre (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, y (12) NtQueryValueKey, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (reinicio) a trav\u00e9s de un par\u00e1metro inv\u00e1lido, como se demostr\u00f3 con el par\u00e1metro  ClientId sobre NtOpenProcess."
    }
  ],
  "id": "CVE-2006-3074",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-19T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20629"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25603"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kaspersky.com/technews?id=203038695"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.rootkit.com/newsread.php?newsid=726"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18341"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24491"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018257"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2333"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2145"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kaspersky.com/technews?id=203038695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.rootkit.com/newsread.php?newsid=726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18341"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.