Vulnerabilities > CVE-2006-7129 - Unspecified vulnerability in ISS Blackice PC Protection 3.6Cpj/3.6Cpu
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN iss
exploit available
Summary
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Internet Security Systems 3.6 ZWDeleteFile Function Arbitrary File Deletion Vulnerability. CVE-2006-7129. Local exploits for multiple platform |
| id | EDB-ID:28817 |
| last seen | 2016-02-03 |
| modified | 2006-10-16 |
| published | 2006-10-16 |
| reporter | Matousec Transparent security |
| source | https://www.exploit-db.com/download/28817/ |
| title | Internet Security Systems 3.6 = ZWDeleteFile Function Arbitrary File Deletion Vulnerability |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html
- http://securityreason.com/securityalert/2361
- http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php
- http://www.osvdb.org/30901
- http://www.securityfocus.com/archive/1/448763/100/0/threaded
- http://www.securityfocus.com/bid/20546
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29575
- http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29575
- http://www.securityfocus.com/bid/20546
- http://www.securityfocus.com/archive/1/448763/100/0/threaded
- http://www.osvdb.org/30901
- http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php
- http://securityreason.com/securityalert/2361