CVE-2006-6131

2006-11-28T01:07:00
ID CVE-2006-6131
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:46:00

Description

Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory. Successful exploitation requires that the attacker is part of the "admin" group or the "webstar" user.