CVE-2006-6131

Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kerio:webstar:*:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:4.0:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.2:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.3:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:kerio:webstar:5.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:21

Type Values Removed Values Added
References () http://secunia.com/advisories/22906 - Exploit, Vendor Advisory () http://secunia.com/advisories/22906 - Exploit, Vendor Advisory
References () http://securityreason.com/securityalert/1921 - () http://securityreason.com/securityalert/1921 -
References () http://securitytracker.com/id?1017239 - Exploit () http://securitytracker.com/id?1017239 - Exploit
References () http://www.digitalmunition.com/DMA%5B2006-1115a%5D.txt - () http://www.digitalmunition.com/DMA%5B2006-1115a%5D.txt -
References () http://www.osvdb.org/30450 - Exploit () http://www.osvdb.org/30450 - Exploit
References () http://www.securityfocus.com/archive/1/451832/100/200/threaded - () http://www.securityfocus.com/archive/1/451832/100/200/threaded -
References () http://www.securityfocus.com/bid/21123 - Exploit () http://www.securityfocus.com/bid/21123 - Exploit
References () http://www.vupen.com/english/advisories/2006/4539 - () http://www.vupen.com/english/advisories/2006/4539 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/30308 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/30308 -

Information

Published : 2006-11-28 01:07

Updated : 2024-11-21 00:21


NVD link : CVE-2006-6131

Mitre link : CVE-2006-6131

CVE.ORG link : CVE-2006-6131


JSON object : View

Products Affected

kerio

  • webstar