Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-6952

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-24 Jan, 2007 | 23:00
Updated At-07 Aug, 2024 | 20:50
Rejected At-
Credits

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:24 Jan, 2007 | 23:00
Updated At:07 Aug, 2024 | 20:50
Rejected At:
▼CVE Numbering Authority (CNA)

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/452286/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/21140
vdb-entry
x_refsource_BID
http://www.osvdb.org/30497
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/archive/1/451952/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/22972
third-party-advisory
x_refsource_SECUNIA
http://www.osvdb.org/30498
vdb-entry
x_refsource_OSVDB
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/458040/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
x_refsource_MISC
Hyperlink: http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/452286/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/21140
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.osvdb.org/30497
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/archive/1/451952/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/22972
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.osvdb.org/30498
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/458040/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/452286/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/21140
vdb-entry
x_refsource_BID
x_transferred
http://www.osvdb.org/30497
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/archive/1/451952/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/22972
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.osvdb.org/30498
vdb-entry
x_refsource_OSVDB
x_transferred
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/458040/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
x_refsource_MISC
x_transferred
Hyperlink: http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/452286/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/21140
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.osvdb.org/30497
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/451952/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/22972
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.osvdb.org/30498
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/458040/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 Jan, 2007 | 23:28
Updated At:16 Oct, 2018 | 16:29

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
CA Technologies (Broadcom Inc.)
ca
>>host-based_intrusion_prevention_system>>core_6.5.4.31
cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>host-based_intrusion_prevention_system>>firewall_6.5.4.10
cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/22972cve@mitre.org
Vendor Advisory
http://www.osvdb.org/30497cve@mitre.org
N/A
http://www.osvdb.org/30498cve@mitre.org
N/A
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/451952/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/452286/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/458040/100/200/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/21140cve@mitre.org
Exploit
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729cve@mitre.org
N/A
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818cve@mitre.org
N/A
Hyperlink: http://secunia.com/advisories/22972
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.osvdb.org/30497
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/30498
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451952/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/452286/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/458040/100/200/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/21140
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2010-4502
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.22% / 44.15%
||
7 Day CHG~0.00%
Published-08 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)
Product-internet_security_suite_plus_2010n/a
CVE-2016-9795
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.69%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncOracle CorporationHP Inc.IBM CorporationBroadcom Inc.CA Technologies (Broadcom Inc.)
Product-systemedgeaixvirtual_assurance_for_infrastructure_managerssolarisclient_automationhp-uxlinux_kernelsystems_performance_for_infrastructure_managersuniversal_job_management_agentca_workload_automation_aen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2926
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.63%
||
7 Day CHG~0.00%
Published-12 Aug, 2008 | 23:00
Updated-07 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-host_based_intrusion_prevention_systempersonal_firewall_2008personal_firewall_2007internet_security_suite_2008internet_security_suiten/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-2523
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.52% / 65.61%
||
7 Day CHG~0.00%
Published-11 May, 2007 | 03:55
Updated-07 Aug, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-integrated_threat_managementanti-virus_for_the_enterprisen/a
CVE-2000-0781
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.87%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)
Product-arcserve_backupn/a
CVE-2021-28249
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-26 Mar, 2021 | 07:11
Updated-03 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/a
Product-ehealth_performance_managern/a
CWE ID-CWE-426
Untrusted Search Path
Details not found