CVE-2006-6131
7.3 High
AI Score
Confidence
Low
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
References
secunia.com/advisories/22906
securityreason.com/securityalert/1921
securitytracker.com/id?1017239
www.digitalmunition.com/DMA%5B2006-1115a%5D.txt
www.osvdb.org/30450
www.securityfocus.com/archive/1/451832/100/200/threaded
www.securityfocus.com/bid/21123
www.vupen.com/english/advisories/2006/4539
exchange.xforce.ibmcloud.com/vulnerabilities/30308
7.3 High
AI Score
Confidence
Low
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%