Vulnerability Name: | CVE-2006-6621 (CCN-31060) | ||||||||
Assigned: | 2006-12-15 | ||||||||
Published: | 2006-12-15 | ||||||||
Updated: | 2018-10-17 | ||||||||
Summary: | Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Bypass Security | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Fri Dec 15 2006 - 12:42:11 CST Bypassing process identification of several personal firewalls and HIPS Source: MITRE Type: CNA CVE-2006-6618 Source: MITRE Type: CNA CVE-2006-6619 Source: MITRE Type: CNA CVE-2006-6620 Source: MITRE Type: CNA CVE-2006-6621 Source: MITRE Type: CNA CVE-2006-6622 Source: MITRE Type: CNA CVE-2006-6623 Source: MISC Type: UNKNOWN http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip Source: CCN Type: Matousec Transparent Security Advisory 2006-12-15.01 Bypassing process identification of several personal firewalls and HIPS Source: MISC Type: Vendor Advisory http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php Source: CCN Type: OSVDB ID: 33308 AntiHook Process Environment Block (PEB) Process Control Bypass Source: CCN Type: OSVDB ID: 33309 AVG Anti-Virus plus Firewall Process Environment Block (PEB) Process Control Bypass Source: CCN Type: OSVDB ID: 33310 Comodo Personal Firewall Process Environment Block (PEB) Process Control Bypass Source: CCN Type: OSVDB ID: 33311 Filseclab Personal Firewall Process Environment Block (PEB) Process Control Bypass Source: CCN Type: OSVDB ID: 33312 Soft4Ever Look 'n' Stop (LnS) Process Environment Block (PEB) Process Control Bypass Source: CCN Type: OSVDB ID: 33313 Sygate Personal Firewall Process Environment Block (PEB) Process Control Local Bypass Source: BUGTRAQ Type: UNKNOWN 20061215 Bypassing process identification of several personal firewalls and HIPS Source: BID Type: UNKNOWN 21615 Source: CCN Type: BID-21615 Multiple Vendor Firewall HIPS Process Spoofing Vulnerability Source: CCN Type: Wilders Security Forums, December 15th, 2006, 04:19 PM Driver update for "ex-coat" vulnerability Source: XF Type: UNKNOWN multiple-firewall-peb-security-bypass(31060) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |