Vulnerability-Lookup

CVE-2006-6952 (GCVE-0-2006-6952)

Vulnerability from cvelistv5 – Published: 2007-01-24 23:00 – Updated: 2024-08-07 20:50

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

10 references

URL	Tags
http://www3.ca.com/securityadvisor/newsinfo/colla…	x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/452286/100…	mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/21140	vdb-entryx_refsource_BID
http://www.osvdb.org/30497	vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/archive/1/451952/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/22972	third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/30498	vdb-entryx_refsource_OSVDB
http://www3.ca.com/securityadvisor/vulninfo/vuln.…	x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/458040/100…	mailing-listx_refsource_BUGTRAQ
http://www.reversemode.com/index.php?option=com_r…	x_refsource_MISC

Date Public ?

2006-11-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:50:05.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
          },
          {
            "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
          },
          {
            "name": "21140",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21140"
          },
          {
            "name": "30497",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/30497"
          },
          {
            "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
          },
          {
            "name": "22972",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22972"
          },
          {
            "name": "30498",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/30498"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
          },
          {
            "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
        },
        {
          "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
        },
        {
          "name": "21140",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21140"
        },
        {
          "name": "30497",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/30497"
        },
        {
          "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
        },
        {
          "name": "22972",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22972"
        },
        {
          "name": "30498",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/30498"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
        },
        {
          "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6952",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729",
              "refsource": "CONFIRM",
              "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
            },
            {
              "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
            },
            {
              "name": "21140",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21140"
            },
            {
              "name": "30497",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/30497"
            },
            {
              "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
            },
            {
              "name": "22972",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22972"
            },
            {
              "name": "30498",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/30498"
            },
            {
              "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818",
              "refsource": "CONFIRM",
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
            },
            {
              "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38",
              "refsource": "MISC",
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6952",
    "datePublished": "2007-01-24T23:00:00.000Z",
    "dateReserved": "2007-01-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:50:05.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-6952",
      "date": "2026-05-15",
      "epss": "0.00308",
      "percentile": "0.54096"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-6952\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-01-24T23:28:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.\"},{\"lang\":\"es\",\"value\":\"Los controladores del Computer Associates Host Intrusion Prevention System (HIPS) (1) Core kmxstart.sys 6.5.4.31 y (2) Firewall kmxfw.sys 6.5.4.10 permite a usuarios locales la obtenci\u00f3n de privilegios mediante el uso de ciertos IOCTLs confidenciales para modificar los punteros a las llamadas a funciones.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BF54D34-D386-4C3C-ACF5-FBC99434CF80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0C2928-E45C-4200-AB13-6B8566CF454A\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/22972\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/30497\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/30498\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/451952/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/452286/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/458040/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/21140\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/30497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/30498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/451952/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/452286/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/458040/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-6952

Vulnerability from fkie_nvd - Published: 2007-01-24 23:28 - Updated: 2026-04-23 00:35

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/22972	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/30497
cve@mitre.org	http://www.osvdb.org/30498
cve@mitre.org	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
cve@mitre.org	http://www.securityfocus.com/archive/1/451952/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/452286/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/458040/100/200/threaded
cve@mitre.org	http://www.securityfocus.com/bid/21140	Exploit
cve@mitre.org	http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
cve@mitre.org	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22972	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/30497
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/30498
af854a3a-2127-422b-91ae-364da2661108	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451952/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/452286/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/458040/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21140	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
af854a3a-2127-422b-91ae-364da2661108	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818

Impacted products

	Vendor	Product	Version
	ca	host-based_intrusion_prevention_system	core_6.5.4.31
	ca	host-based_intrusion_prevention_system	firewall_6.5.4.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF54D34-D386-4C3C-ACF5-FBC99434CF80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0C2928-E45C-4200-AB13-6B8566CF454A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
    },
    {
      "lang": "es",
      "value": "Los controladores del Computer Associates Host Intrusion Prevention System (HIPS) (1) Core kmxstart.sys 6.5.4.31 y (2) Firewall kmxfw.sys 6.5.4.10 permite a usuarios locales la obtenci\u00f3n de privilegios mediante el uso de ciertos IOCTLs confidenciales para modificar los punteros a las llamadas a funciones."
    }
  ],
  "id": "CVE-2006-6952",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-01-24T23:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22972"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/30497"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/30498"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/21140"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/30497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/30498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/21140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-200701-0265

Vulnerability from variot - Updated: 2025-04-10 23:09

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges.

To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.

The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.

This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links

Read the full description: http://corporate.secunia.com/products/48/?r=l

Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l

TITLE: CA Personal Firewall HIPS Drivers Privilege Escalation

SECUNIA ADVISORY ID: SA22972

VERIFY ADVISORY: http://secunia.com/advisories/22972/

CRITICAL: Less critical

IMPACT: Privilege escalation

WHERE: Local system

SOFTWARE: CA Personal Firewall 2007 9.x http://secunia.com/product/12660/

DESCRIPTION: Rub\xe9n Santamarta has reported some vulnerabilities in CA Personal Firewall, which can be exploited by malicious people to gain escalated privileges.

The vulnerabilities are caused due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be exploited to modify some implemented callbacks via certain privileged IOCTLs. Other versions and products may also be affected.

SOLUTION: Grant only trusted users access to affected systems.

The vendor is reportedly working on the patches.

PROVIDED AND/OR DISCOVERED BY: Rub\xe9n Santamarta, reversemode.com.

ORIGINAL ADVISORY: Reversemode.com: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. Local attackers can exploit these vulnerabilities to gain escalated privileges.

Mitigating Factors: Local user account required for exploitation.

Severity: CA has given these vulnerability issues a Medium risk rating. Customers running one of the affected products simply need to ensure that they have allowed this automatic update to take place.

Determining if you are affected: To ensure that the update has taken place, customers can view the Help > About screen in their CA Personal Firewall product and confirm that their engine version number is 1.0.176 or higher. http://marc.theaimsgroup.com/?l=bugtraq&m=116379521731676&w=2

Changelog for this advisory: v1.0 - Initial Release

Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please send email to vuln@ca.com.

If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx

Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research

CA, One CA Plaza, Islandia, NY 11749

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200701-0265",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "host-based intrusion prevention system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "firewall_6.5.4.10"
      },
      {
        "model": "host-based intrusion prevention system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "core_6.5.4.31"
      },
      {
        "model": "host-based intrusion prevention system",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ca",
        "version": "core kmxstart.sys 6.5.4.31"
      },
      {
        "model": "host-based intrusion prevention system",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ca",
        "version": "firewall kmxfw.sys 6.5.4.10"
      },
      {
        "model": "associates personal firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "9.0"
      },
      {
        "model": "associates internet security suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20073.0"
      },
      {
        "model": "associates internet security suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20070"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rub\u00e9n Santamarta",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-6952",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2006-6952",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-23060",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-6952",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-6952",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200701-407",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-23060",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. \nAn attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. \nThese isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Personal Firewall HIPS Drivers Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA22972\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22972/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nCA Personal Firewall 2007 9.x\nhttp://secunia.com/product/12660/\n\nDESCRIPTION:\nRub\\xe9n Santamarta has reported some vulnerabilities in CA Personal\nFirewall, which can be exploited by malicious people to gain\nescalated privileges. \n\nThe vulnerabilities are caused due to errors in the HIPS Core\n(KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be\nexploited to modify some implemented callbacks via certain privileged\nIOCTLs. Other versions and products may also be affected. \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nThe vendor is reportedly working on the patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nRub\\xe9n Santamarta, reversemode.com. \n\nORIGINAL ADVISORY:\nReversemode.com:\nhttp://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Local attackers can exploit these vulnerabilities to gain \nescalated privileges. \n\nMitigating Factors: Local user account required for exploitation. \n\nSeverity: CA has given these vulnerability issues a Medium risk \nrating. Customers running one of the affected products \nsimply need to ensure that they have allowed this automatic update \nto take place. \n\nDetermining if you are affected:\nTo ensure that the update has taken place, customers can view the \nHelp \u003e About screen in their CA Personal Firewall product and \nconfirm that their engine version number is 1.0.176 or higher. \nhttp://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, One CA Plaza, Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://www3.ca.com/legal/\nPrivacy Policy http://www3.ca.com/privacy/\nCopyright (c) 2007 CA. All rights reserved",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "db": "PACKETSTORM",
        "id": "52231"
      },
      {
        "db": "PACKETSTORM",
        "id": "53998"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-23060",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-6952",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "21140",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "22972",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "30497",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "30498",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20070124 [CAID 34818]: CA PERSONAL FIREWALL MULTIPLE PRIVILEGE ESCALATION VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20061116 [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20061121 RE: [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "53998",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "29069",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "29070",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-82607",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-82608",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-23060",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "52231",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "PACKETSTORM",
        "id": "52231"
      },
      {
        "db": "PACKETSTORM",
        "id": "53998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "id": "VAR-200701-0265",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-10T23:09:52.450000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.ca.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
      },
      {
        "trust": 1.8,
        "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/21140"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/30497"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/30498"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/22972"
      },
      {
        "trust": 1.7,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=38"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6952"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6952"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/451952/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/458040/100/200/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=download\u0026id=38\u0026chk=23a19c23a44e6095e872e8b3f7fca9c8"
      },
      {
        "trust": 0.3,
        "url": "http://www.ca.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/451952"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/452286"
      },
      {
        "trust": 0.1,
        "url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=38"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/22972/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12660/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/products/48/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=27\u0026itemid=2"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/30498"
      },
      {
        "trust": 0.1,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2"
      },
      {
        "trust": 0.1,
        "url": "http://supportconnect.ca.com."
      },
      {
        "trust": 0.1,
        "url": "http://www3.ca.com/legal/"
      },
      {
        "trust": 0.1,
        "url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=document\u0026openparameter=2680"
      },
      {
        "trust": 0.1,
        "url": "http://supportconnect.ca.com/"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/30497"
      },
      {
        "trust": 0.1,
        "url": "http://www3.ca.com/contact/"
      },
      {
        "trust": 0.1,
        "url": "http://www3.ca.com/privacy/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-6952"
      },
      {
        "trust": 0.1,
        "url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "PACKETSTORM",
        "id": "52231"
      },
      {
        "db": "PACKETSTORM",
        "id": "53998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "db": "PACKETSTORM",
        "id": "52231"
      },
      {
        "db": "PACKETSTORM",
        "id": "53998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-01-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "date": "2006-11-16T00:00:00",
        "db": "BID",
        "id": "21140"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "date": "2006-11-17T23:30:18",
        "db": "PACKETSTORM",
        "id": "52231"
      },
      {
        "date": "2007-01-27T03:02:12",
        "db": "PACKETSTORM",
        "id": "53998"
      },
      {
        "date": "2006-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "date": "2007-01-24T23:28:00",
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23060"
      },
      {
        "date": "2007-01-25T22:29:00",
        "db": "BID",
        "id": "21140"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      },
      {
        "date": "2007-01-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2006-6952"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "PACKETSTORM",
        "id": "53998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Computer Associates HIPS Driver  Core kmxstart.sys Vulnerabilities in which user privileges are acquired",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001244"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "21140"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-407"
      }
    ],
    "trust": 0.9
  }
}

GSD-2006-6952

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-6952

Aliases

CVE-2006-6952

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-6952",
    "description": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.",
    "id": "GSD-2006-6952"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-6952"
      ],
      "details": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.",
      "id": "GSD-2006-6952",
      "modified": "2023-12-13T01:19:54.003469Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-6952",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729",
            "refsource": "CONFIRM",
            "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
          },
          {
            "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
          },
          {
            "name": "21140",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/21140"
          },
          {
            "name": "30497",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/30497"
          },
          {
            "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
          },
          {
            "name": "22972",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22972"
          },
          {
            "name": "30498",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/30498"
          },
          {
            "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818",
            "refsource": "CONFIRM",
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
          },
          {
            "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
          },
          {
            "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38",
            "refsource": "MISC",
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6952"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
            },
            {
              "name": "21140",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/21140"
            },
            {
              "name": "22972",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22972"
            },
            {
              "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
            },
            {
              "name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
            },
            {
              "name": "30497",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/30497"
            },
            {
              "name": "30498",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/30498"
            },
            {
              "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
            },
            {
              "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-16T16:29Z",
      "publishedDate": "2007-01-24T23:28Z"
    }
  }
}

GHSA-V47F-FHWW-M8GV

Vulnerability from github – Published: 2022-05-01 07:43 – Updated: 2022-05-01 07:43

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-6952"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-01-24T23:28:00Z",
    "severity": "HIGH"
  },
  "details": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.",
  "id": "GHSA-v47f-fhww-m8gv",
  "modified": "2022-05-01T07:43:13Z",
  "published": "2022-05-01T07:43:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6952"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22972"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/30497"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/30498"
    },
    {
      "type": "WEB",
      "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/21140"
    },
    {
      "type": "WEB",
      "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
    },
    {
      "type": "WEB",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-6952 (GCVE-0-2006-6952)

FKIE_CVE-2006-6952

VAR-200701-0265

GSD-2006-6952

GHSA-V47F-FHWW-M8GV

Tags

Sightings

Nomenclature