CVE-2006-6477

2006-12-20T02:28:00
ID CVE-2006-6477
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:48:00

Description

FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack. Sucessful exploitation requires that the affected products are run in daemon mode and configured to use only HTTP. This vulnerability is addressed in the following product release: Mandiant, First Response, 1.1.1