Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2986

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2986
Last Modified 10 Sep 2008 03:44:30
Published 19 Sep 2005 08:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2986

Summary

The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges.

Vulnerable Systems

Application

  • Ahnlab V3 Virusblock 2005 6.0.0.383

  • Ahnlab V3net 6.0.0.383

  • Ahnlab V3pro 2004 6.0.0.383


References

XF - ahnlab-v3flt2k-gain-privilege(22297)

SECUNIA - 15674

CONFIRM - http://info.ahnlab.com/english/advisory/01.html

BUGTRAQ - 20050919 Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities

BID - 14847


Last Updated: 27 May 2016 10:40:42