1. CVE-Search
  2. CVE-2006-4184
ID CVE-2006-4184
Summary SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information. This vulnerability is addressed in the following product releases: SmartLine, DeviceLock, 5.73 Build 305 SmartLine, DeviceLock, 6.0
References
Vulnerable Configurations
  • cpe:2.3:a:smartline:devicelock:5.72:*:*:*:*:*:*:*
    cpe:2.3:a:smartline:devicelock:5.72:*:*:*:*:*:*:*
  • cpe:2.3:a:smartline:devicelock:5.73_build_288:*:*:*:*:*:*:*
    cpe:2.3:a:smartline:devicelock:5.73_build_288:*:*:*:*:*:*:*
  • cpe:2.3:a:smartline:devicelock:5.73_build_300:*:*:*:*:*:*:*
    cpe:2.3:a:smartline:devicelock:5.73_build_300:*:*:*:*:*:*:*
  • cpe:2.3:a:smartline:devicelock:5.73_build_303:*:*:*:*:*:*:*
    cpe:2.3:a:smartline:devicelock:5.73_build_303:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 17-10-2018 - 21:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:N/A:N
refmap via4
bid 19500
bugtraq 20060813 Local privilege Escalation in SmartLine DeviceLock 5.73
confirm http://www.protect-me.com/dl/whatsnew.html
secunia 21494
sreason 1392
xf devicelock-acl-security-bypass(28384)
Last major update 17-10-2018 - 21:33
Published 17-08-2006 - 00:04
Last modified 17-10-2018 - 21:33
Back to Top