CVE-2006-6131

Sažetak

Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.

Reference

http://www.securityfocus.com/bid/21123
http://www.osvdb.org/30450
http://securitytracker.com/id?1017239
http://secunia.com/advisories/22906
http://securityreason.com/securityalert/1921
http://www.vupen.com/english/advisories/2006/4539
https://exchange.xforce.ibmcloud.com/vulnerabilities/30308
http://www.securityfocus.com/archive/1/451832/100/200/threaded
http://www.digitalmunition.com/DMA%5B2006-1115a%5D.txt

CVSS

Base:	6.2
Impact:	10.0
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

07-11-2023 - 01:59

Objavljeno

28-11-2006 - 01:07