1. CVE-Search
  2. CVE-2006-6952
ID CVE-2006-6952
Summary Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*
    cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 16-10-2018 - 16:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 21140
bugtraq
  • 20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.
  • 20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.
  • 20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities
confirm
misc http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
osvdb
  • 30497
  • 30498
secunia 22972
Last major update 16-10-2018 - 16:29
Published 24-01-2007 - 23:28
Last modified 16-10-2018 - 16:29
Back to Top