CVE-2006-6952

Current Description

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.

Basic Data

PublishedJanuary 24, 2007
Last ModifiedOctober 16, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score7.2
SeverityHIGH
Exploitability Score3.9
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCaHost-based Intrusion Prevention Systemcore_6.5.4.31*******
    2.3ApplicationCaHost-based Intrusion Prevention Systemfirewall_6.5.4.10*******

Vulnerable Software List

VendorProductVersions
Ca Host-based Intrusion Prevention System core_6.5.4.31, firewall_6.5.4.10

References

NameSourceURLTags
22972http://secunia.com/advisories/22972SECUNIAVendor Advisory
30497http://www.osvdb.org/30497OSVDB
30498http://www.osvdb.org/30498OSVDB
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38MISC
20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.http://www.securityfocus.com/archive/1/451952/100/0/threadedBUGTRAQ
20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.http://www.securityfocus.com/archive/1/452286/100/0/threadedBUGTRAQ
20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilitieshttp://www.securityfocus.com/archive/1/458040/100/200/threadedBUGTRAQ
21140http://www.securityfocus.com/bid/21140BIDExploit
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729CONFIRM
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818CONFIRM