CVE-2006-6131
6.2 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
Affected configurations
References
secunia.com/advisories/22906
securityreason.com/securityalert/1921
securitytracker.com/id?1017239
www.digitalmunition.com/DMA%5B2006-1115a%5D.txt
www.osvdb.org/30450
www.securityfocus.com/archive/1/451832/100/200/threaded
www.securityfocus.com/bid/21123
www.vupen.com/english/advisories/2006/4539
exchange.xforce.ibmcloud.com/vulnerabilities/30308
6.2 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%