Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1475

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1475
Last Modified 05 Sep 2008 05:02:00
Published 28 Mar 2006 08:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1475

Summary

Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the victim does not obtain the alert that Windows Firewall would have produced for a non-ADS file.

Vulnerable Systems

Operating System

  • Microsoft Windows Xp


References

BUGTRAQ - 20060324 Microsoft Windows XP SP2 Firewall issue

XF - winxp-firewall-ads-bypass(25597)

BUGTRAQ - 20060327 Re: Microsoft Windows XP SP2 Firewall issue


Last Updated: 27 May 2016 10:42:05