VAR-200701-0265
Vulnerability from variot - Updated: 2023-12-18 14:06Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: CA Personal Firewall HIPS Drivers Privilege Escalation
SECUNIA ADVISORY ID: SA22972
VERIFY ADVISORY: http://secunia.com/advisories/22972/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
SOFTWARE: CA Personal Firewall 2007 9.x http://secunia.com/product/12660/
DESCRIPTION: Rub\xe9n Santamarta has reported some vulnerabilities in CA Personal Firewall, which can be exploited by malicious people to gain escalated privileges.
The vulnerabilities are caused due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be exploited to modify some implemented callbacks via certain privileged IOCTLs. Other versions and products may also be affected.
SOLUTION: Grant only trusted users access to affected systems.
The vendor is reportedly working on the patches.
PROVIDED AND/OR DISCOVERED BY: Rub\xe9n Santamarta, reversemode.com.
ORIGINAL ADVISORY: Reversemode.com: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Local attackers can exploit these vulnerabilities to gain escalated privileges.
Mitigating Factors: Local user account required for exploitation.
Severity: CA has given these vulnerability issues a Medium risk rating. Customers running one of the affected products simply need to ensure that they have allowed this automatic update to take place.
Determining if you are affected: To ensure that the update has taken place, customers can view the Help > About screen in their CA Personal Firewall product and confirm that their engine version number is 1.0.176 or higher. http://marc.theaimsgroup.com/?l=bugtraq&m=116379521731676&w=2
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln@ca.com.
If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, One CA Plaza, Islandia, NY 11749
Contact http://www3.ca.com/contact/ Legal Notice http://www3.ca.com/legal/ Privacy Policy http://www3.ca.com/privacy/ Copyright (c) 2007 CA. All rights reserved
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "firewall_6.5.4.10"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "core_6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "core kmxstart.sys 6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "firewall kmxfw.sys 6.5.4.10"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
}
],
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rub\u00e9n Santamarta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.6
},
"cve": "CVE-2006-6952",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2006-6952",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-23060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-6952",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. \nAn attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. \nThese isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Personal Firewall HIPS Drivers Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA22972\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22972/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nCA Personal Firewall 2007 9.x\nhttp://secunia.com/product/12660/\n\nDESCRIPTION:\nRub\\xe9n Santamarta has reported some vulnerabilities in CA Personal\nFirewall, which can be exploited by malicious people to gain\nescalated privileges. \n\nThe vulnerabilities are caused due to errors in the HIPS Core\n(KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be\nexploited to modify some implemented callbacks via certain privileged\nIOCTLs. Other versions and products may also be affected. \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nThe vendor is reportedly working on the patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nRub\\xe9n Santamarta, reversemode.com. \n\nORIGINAL ADVISORY:\nReversemode.com:\nhttp://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Local attackers can exploit these vulnerabilities to gain \nescalated privileges. \n\nMitigating Factors: Local user account required for exploitation. \n\nSeverity: CA has given these vulnerability issues a Medium risk \nrating. Customers running one of the affected products \nsimply need to ensure that they have allowed this automatic update \nto take place. \n\nDetermining if you are affected:\nTo ensure that the update has taken place, customers can view the \nHelp \u003e About screen in their CA Personal Firewall product and \nconfirm that their engine version number is 1.0.176 or higher. \nhttp://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, One CA Plaza, Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://www3.ca.com/legal/\nPrivacy Policy http://www3.ca.com/privacy/\nCopyright (c) 2007 CA. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23060",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6952",
"trust": 2.9
},
{
"db": "BID",
"id": "21140",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "22972",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30497",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30498",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070124 [CAID 34818]: CA PERSONAL FIREWALL MULTIPLE PRIVILEGE ESCALATION VULNERABILITIES",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061116 [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061121 RE: [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53998",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "29069",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "29070",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82607",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82608",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23060",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52231",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"id": "VAR-200701-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:06:46.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
},
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21140"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30497"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30498"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/22972"
},
{
"trust": 1.7,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=38"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6952"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6952"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451952/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/458040/100/200/threaded"
},
{
"trust": 0.3,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=download\u0026id=38\u0026chk=23a19c23a44e6095e872e8b3f7fca9c8"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/451952"
},
{
"trust": 0.3,
"url": "/archive/1/452286"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=38"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22972/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=27\u0026itemid=2"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30498"
},
{
"trust": 0.1,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www3.ca.com/legal/"
},
{
"trust": 0.1,
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=document\u0026openparameter=2680"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30497"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/contact/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-6952"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-24T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2006-11-16T00:00:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2006-11-17T23:30:18",
"db": "PACKETSTORM",
"id": "52231"
},
{
"date": "2007-01-27T03:02:12",
"db": "PACKETSTORM",
"id": "53998"
},
{
"date": "2007-01-24T23:28:00",
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2007-01-25T22:29:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2018-10-16T16:29:10.037000",
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"date": "2007-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates HIPS Driver Core kmxstart.sys Vulnerabilities in which user privileges are acquired",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…