CVE-2006-3074

Kaspersky Internet Security/KAV <7.0 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3074. PoCs published by Matousec Transparent security.

AI-analyzed exploit summary This is a vulnerability writeup describing multiple local vulnerabilities in Kaspersky Internet Security 6, including potential DoS and unconfirmed privilege escalation via kernel-level arbitrary code execution. The advisory references a related issue (BID 23326) but lacks exploit code.

Description

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Matousec Transparent security · textlocalwindows

https://www.exploit-db.com/exploits/30192

View Code ZIP pw:eip

This is a vulnerability writeup describing multiple local vulnerabilities in Kaspersky Internet Security 6, including potential DoS and unconfirmed privilege escalation via kernel-level arbitrary code execution. The advisory references a related issue (BID 23326) but lacks exploit code.

Classification

Writeup 90%

Attack Type

Dos | Other

Complexity

Theoretical

Reliability

Theoretical

Target: Kaspersky Internet Security 6.0.2.614 and 6.0.2.621

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK