CVE-2006-6496 - The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Be

CVE-2006-6496

Summary

The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.

References

Vulnerable Configurations

cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:8.2:beta:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:8.2:beta:*:*:*:*:*:*
cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*

CVSS

Base:	6.6 (as of 09-04-2021 - 17:08)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:S/C:C/I:C/A:C

refmap via4

bid	21593
bugtraq	20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities
confirm	http://crm.my-etrust.com/CIDocument.asp?KDId=2651&GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870
misc	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=41
osvdb	30845
sectrack	1017381 1017382
secunia	23378
vupen	ADV-2006-5010
xf	ca-vetmonnt-vetfddnt-dos(30909)

Last major update

09-04-2021 - 17:08

Published

13-12-2006 - 21:28

Last modified

09-04-2021 - 17:08