Vulnerability Name:

CVE-2005-2986 (CCN-22297)

Assigned:2005-09-15
Published:2005-09-15
Updated:2017-07-11
Summary:The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2005-2986

Source: MITRE
Type: CNA
CVE-2005-3029

Source: MITRE
Type: CNA
CVE-2005-3030

Source: CCN
Type: AhnLab V3Pro Web site
AhnLab V3Pro

Source: CCN
Type: ASEC Advisory SA-2005-001
AhnLab V3 Compressed File Directory Traversal and Privilege Escalation Vulnerability

Source: CONFIRM
Type: Patch, Vendor Advisory
http://info.ahnlab.com/english/advisory/01.html

Source: BUGTRAQ
Type: UNKNOWN
20050919 Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities

Source: CCN
Type: SA15674
AhnLab V3 Antivirus Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
15674

Source: CCN
Type: OSVDB ID: 19414
AhnLab V3 Anti-Virus v3flt2k.sys DeviceIoControl() Local Privilege Escalation

Source: CCN
Type: OSVDB ID: 19415
AhnLab V3 Anti-Virus ACE Archive Decompression Long Filename Overflow

Source: CCN
Type: OSVDB ID: 19416
AhnLab V3 Anti-Virus Archive Decompression Traversal Arbitrary File Write

Source: CCN
Type: BID-14844
Ahnlab V3 Antivirus ACE Archive Handling Remote Buffer Overflow Vulnerability

Source: BID
Type: UNKNOWN
14847

Source: CCN
Type: BID-14847
AEwebworks aeDating Search_Result.PHP SQL Injection Vulnerability

Source: CCN
Type: BID-14848
Ahnlab V3 Antivirus ACE Archive Handling Directory Traversal Vulnerability

Source: CCN
Type: BID-14850
Ahnlab V3 Antivirus Privilege Escalation Vulnerability

Source: XF
Type: UNKNOWN
ahnlab-v3flt2k-gain-privilege(22297)

Source: XF
Type: UNKNOWN
ahnlab-v3flt2k-gain-privilege(22297)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ahnlab:v3_virusblock_2005:6.0.0.383:*:*:*:*:*:*:*
  • OR cpe:/a:ahnlab:v3net:6.0.0.383:*:win_server:*:*:*:*:*
  • OR cpe:/a:ahnlab:v3pro_2004:6.0.0.383:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ahnlab v3 virusblock 2005 6.0.0.383
    ahnlab v3net 6.0.0.383
    ahnlab v3pro 2004 6.0.0.383