ID CVE-2005-2986
Summary The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges.
References
Vulnerable Configurations
  • cpe:2.3:a:ahnlab:v3_virusblock_2005:6.0.0.383:*:*:*:*:*:*:*
    cpe:2.3:a:ahnlab:v3_virusblock_2005:6.0.0.383:*:*:*:*:*:*:*
  • cpe:2.3:a:ahnlab:v3net:6.0.0.383:*:win_server:*:*:*:*:*
    cpe:2.3:a:ahnlab:v3net:6.0.0.383:*:win_server:*:*:*:*:*
  • cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.383:*:*:*:*:*:*:*
    cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.383:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 14847
bugtraq 20050919 Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities
confirm http://info.ahnlab.com/english/advisory/01.html
secunia 15674
xf ahnlab-v3flt2k-gain-privilege(22297)
Last major update 11-07-2017 - 01:33
Published 20-09-2005 - 00:03
Last modified 11-07-2017 - 01:33
Back to Top