Details of VAR-200604-0363

ID

VAR-200604-0363

CVE

CVE-2006-1836

TITLE

Symantec LiveUpdate for Macintosh Local privilege elevation vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200604-296

DESCRIPTION

Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. Symantec LiveUpdate for Macintosh is prone to a local privilege-escalation vulnerability. This issue is due to the application's failure to properly use the PATH environment variable in some of its components. A successful exploit allows local attackers to gain superuser privileges, leading to a complete compromise of the affected computer. TITLE: Symantec LiveUpdate for Machintosh Privilege Escalation SECUNIA ADVISORY ID: SA19682 VERIFY ADVISORY: http://secunia.com/advisories/19682/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Symantec Norton Utilities for Macintosh 8.x http://secunia.com/product/5953/ Symantec Norton SystemWorks for Macintosh 3.x http://secunia.com/product/5952/ Symantec Norton Personal Firewall for Macintosh 3.x http://secunia.com/product/5950/ Symantec Norton Internet Security for Macintosh 3.x http://secunia.com/product/5951/ Symantec Norton AntiVirus for Macintosh 9.x http://secunia.com/product/5948/ Symantec Norton AntiVirus for Macintosh 10.x http://secunia.com/product/5949/ Symantec LiveUpdate for Macintosh 3.x http://secunia.com/product/5954/ DESCRIPTION: A vulnerability has been reported in Symantec LiveUpdate for Machintosh, which can be exploited by malicious, local users to gain escalated privileges. SOLUTION: Apply latest LiveUpdate patch. PROVIDED AND/OR DISCOVERED BY: The vendor credits DigitalMunition.com. ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2006-1836 // BID: 17571 // VULHUB: VHN-17944 // PACKETSTORM: 45507

AFFECTED PRODUCTS

vendor:	symantec	model:	norton antivirus	scope:	eq	version:	9.0.3	Trust: 1.6
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	3.0	Trust: 1.6
vendor:	symantec	model:	norton utilities	scope:	eq	version:	8.0	Trust: 1.6
vendor:	symantec	model:	norton internet security	scope:	eq	version:	3.0	Trust: 1.6
vendor:	symantec	model:	norton system works	scope:	eq	version:	3.0	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	9.0.1	Trust: 1.6
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	3.1	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.9.1	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	9.0.2	Trust: 1.6
vendor:	symantec	model:	liveupdate	scope:	eq	version:	3.5	Trust: 1.0
vendor:	symantec	model:	liveupdate	scope:	eq	version:	3.0.2	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.1	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	9.0.0	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	symantec	model:	liveupdate	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	symantec	model:	liveupdate	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	symantec	model:	liveupdate	scope:	eq	version:	3.0	Trust: 1.0
vendor:	symantec	model:	norton utilities for macintosh	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	norton system works for macintosh	scope:	eq	version:	3.0	Trust: 0.3
vendor:	symantec	model:	norton personal firewall for macintosh	scope:	eq	version:	3.1	Trust: 0.3
vendor:	symantec	model:	norton personal firewall for macintosh	scope:	eq	version:	3.0	Trust: 0.3
vendor:	symantec	model:	norton internet security for macintosh	scope:	eq	version:	3.0	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	10.9.1	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	10.0.0	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	symantec	model:	norton antivirus for macintosh	scope:	eq	version:	9.0.0	Trust: 0.3
vendor:	symantec	model:	liveupdate for macintosh	scope:	eq	version:	3.5	Trust: 0.3
vendor:	symantec	model:	liveupdate for macintosh	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	symantec	model:	liveupdate for macintosh	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	symantec	model:	liveupdate for macintosh	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	symantec	model:	liveupdate for macintosh	scope:	eq	version:	3.0	Trust: 0.3
vendor:	symantec	model:	antivirus for macintosh	scope:	eq	version:	10.0	Trust: 0.3

sources: BID: 17571 // CNNVD: CNNVD-200604-296 // NVD: CVE-2006-1836

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-1836
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200604-296
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-17944
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-1836
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-17944
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-17944 // CNNVD: CNNVD-200604-296 // NVD: CVE-2006-1836

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-1836

THREAT TYPE

local

Trust: 1.0

sources: BID: 17571 // PACKETSTORM: 45507 // CNNVD: CNNVD-200604-296

TYPE

Design Error

Trust: 0.9

sources: BID: 17571 // CNNVD: CNNVD-200604-296

EXTERNAL IDS

db:	BID	id:	17571	Trust: 2.0
db:	NVD	id:	CVE-2006-1836	Trust: 2.0
db:	SECUNIA	id:	19682	Trust: 1.8
db:	SREASON	id:	100	Trust: 1.7
db:	VUPEN	id:	ADV-2006-1386	Trust: 1.7
db:	SECTRACK	id:	1015953	Trust: 1.7
db:	CNNVD	id:	CNNVD-200604-296	Trust: 0.7
db:	BUGTRAQ	id:	20060418 [SYMANTEC SECURITY ADVISORY] LIVEUPDATE FOR MACINTOSH LOCAL PRIVILEGE ESCALATION	Trust: 0.6
db:	XF	id:	25839	Trust: 0.6
db:	VULHUB	id:	VHN-17944	Trust: 0.1
db:	PACKETSTORM	id:	45507	Trust: 0.1

sources: VULHUB: VHN-17944 // BID: 17571 // PACKETSTORM: 45507 // CNNVD: CNNVD-200604-296 // NVD: CVE-2006-1836

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2006.04.17b.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/17571	Trust: 1.7
url:	http://securitytracker.com/id?1015953	Trust: 1.7
url:	http://secunia.com/advisories/19682	Trust: 1.7
url:	http://securityreason.com/securityalert/100	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/431318/100/0/threaded	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2006/1386	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/25839	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/archive/1/431318/100/0/threaded	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2006/1386	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/25839	Trust: 0.6
url:	http://www.symantec.com/avcenter/security/content/2006.04.17b.html	Trust: 0.3
url:	http://secunia.com/product/5953/	Trust: 0.1
url:	http://secunia.com/product/5950/	Trust: 0.1
url:	http://secunia.com/product/5951/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/5954/	Trust: 0.1
url:	http://secunia.com/product/5952/	Trust: 0.1
url:	http://secunia.com/advisories/19682/	Trust: 0.1
url:	http://secunia.com/product/5949/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/5948/	Trust: 0.1

sources: VULHUB: VHN-17944 // BID: 17571 // PACKETSTORM: 45507 // CNNVD: CNNVD-200604-296 // NVD: CVE-2006-1836

CREDITS

DigitalMunition.com is credited with the discovery of this issue.

Trust: 0.9

sources: BID: 17571 // CNNVD: CNNVD-200604-296

SOURCES

db:	VULHUB	id:	VHN-17944
db:	BID	id:	17571
db:	PACKETSTORM	id:	45507
db:	CNNVD	id:	CNNVD-200604-296
db:	NVD	id:	CVE-2006-1836

LAST UPDATE DATE

2024-08-14T14:08:35.425000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-17944	date:	2018-10-18T00:00:00
db:	BID	id:	17571	date:	2007-06-27T19:08:00
db:	CNNVD	id:	CNNVD-200604-296	date:	2006-09-28T00:00:00
db:	NVD	id:	CVE-2006-1836	date:	2018-10-18T16:36:44.410

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-17944	date:	2006-04-19T00:00:00
db:	BID	id:	17571	date:	2006-04-17T00:00:00
db:	PACKETSTORM	id:	45507	date:	2006-04-19T19:19:57
db:	CNNVD	id:	CNNVD-200604-296	date:	2006-04-19T00:00:00
db:	NVD	id:	CVE-2006-1836	date:	2006-04-19T16:06:00