Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-6308

EPSS 0.10% · P27
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-6308

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Symantec LiveState 7.1 Agent for Windows allows local users to gain privileges by stopping the shstart.exe process and open "Web Self-Service" from the system tray icon, which will open a browser window running with elevated privileges. NOTE: several third-party researchers have noted that administrator privileges may be necessary to terminate shstart.exe. If this is the case, then no privilege escalation occurs, and this is not a vulnerability
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Symantec LiveState Agent 'shstart.exe'进程安全权限提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
** 争议 ** Symantec LiveState 7.1 Agent for Windows允许本地用户通过停止shstart.exe进程并从系统任务栏图标打开"Web Self-Service"(打开带有提升特权的浏览器窗口)来获取特权。 注:几个第三方研究者指出可能需要管理员特权来终止shstart.exe。 如果是这样,则不发生特权提升,这就不是漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-6308

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-6308

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-12-06 · 17 CVEs total

CVE-2006-6112LifeType 'class/和plugins/' 安全信息泄露漏洞
CVE-2006-6305Net-SNMP权限许可和访问控制漏洞
CVE-2006-6333Linux内核'IBMTR.C'远程拒绝服务漏洞
CVE-2006-6328TorrentFlux 'index.php'目录遍历漏洞
CVE-2006-6329TorrentFlux 'index.php'delfile参数文件删除漏洞
CVE-2006-6330TorrentFlux 'index.php'kill参数任意命令执行漏洞
CVE-2006-6331TorrentFlux 'metalnfo.php'任意命令执行漏洞
CVE-2006-5994Microsoft Word畸形字符串远程代码执行漏洞
CVE-2006-6309IBM Tivoli Storage Manager 多个数组索引错误
CVE-2006-6310Microsoft Internet Explorer Frame Src属性拒绝服务漏洞
CVE-2006-6311Internet Explorer CSS畸形宽度单元标记拒绝服务漏洞
CVE-2006-5855IBM Tivoli Storage Manager多个远程缓冲区溢出漏洞
CVE-2006-5856Adobe下载管理器畸形条目信息缓冲区溢出漏洞
CVE-2006-6301DenyHosts sshd日志文件远程拒绝服务漏洞
CVE-2006-6302Fail2Ban 'hosts.deny'文件远程拒绝服务漏洞
CVE-2006-6303Yukihiro Matsumoto Ruby 'cgi.rb'库远程拒绝服务漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-6308

No comments yet

Leave a comment