CVE-2006-6476

2006-12-20T02:28:00
ID CVE-2006-6476
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:48:00

Description

FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service (loss of daemon operation). Successful exploitation requires that the affected products are run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces). This vulnerability is addressed in the following product release: Mandiant, First Response, 1.1.1