Vulnerabilities > CVE-2006-6952 - Products Drivers Multiple Local Privilege Escalation Vulenrabilities in Computer Associates
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description Computer Associates Personal Firewall 9.0 HIPS Driver (kmxstart.sys) Local Privilege Escalation. CVE-2006-6952. Local exploit for windows platform id EDB-ID:29070 last seen 2016-02-03 modified 2006-11-16 published 2006-11-16 reporter Ruben Santamarta source https://www.exploit-db.com/download/29070/ title Computer Associates Personal Firewall 9.0 - HIPS Driver kmxstart.sys Local Privilege Escalation description Computer Associates Personal Firewall 9.0 HIPS Driver (kmxfw.sys) Local Privilege Escalation. CVE-2006-6952. Local exploit for windows platform id EDB-ID:29069 last seen 2016-02-03 modified 2006-11-16 published 2006-11-16 reporter Ruben Santamarta source https://www.exploit-db.com/download/29069/ title Computer Associates Personal Firewall 9.0 - HIPS Driver kmxfw.sys Local Privilege Escalation
References
- http://secunia.com/advisories/22972
- http://www.osvdb.org/30497
- http://www.osvdb.org/30498
- http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
- http://www.securityfocus.com/archive/1/451952/100/0/threaded
- http://www.securityfocus.com/archive/1/452286/100/0/threaded
- http://www.securityfocus.com/archive/1/458040/100/200/threaded
- http://www.securityfocus.com/bid/21140
- http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818