Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2838

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2006-2838
Last Modified 07 Mar 2011 09:37:06
Published 06 Jun 2006 04:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2838

Summary

Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.

Vulnerable Systems

Application

  • F-secure Anti-virus 6.40

  • F-secure Internet Gatekeeper 6.4

  • F-secure Internet Gatekeeper 6.41

  • F-secure Internet Gatekeeper 6.42

  • F-secure Internet Gatekeeper 6.50


References

CONFIRM - http://www.f-secure.com/security/fsc-2006-3.shtml

SECTRACK - 1016197

SECUNIA - 20407

XF - fsecure-webconsole-bo(26799)

VUPEN - ADV-2006-2076

SECTRACK - 1016196


Last Updated: 27 May 2016 10:42:46