CVE - CVE-2006-6477

CVE-ID
CVE-2006-6477	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:21548 URL:http://www.securityfocus.com/bid/21548 BUGTRAQ:20061218 SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response URL:http://www.securityfocus.com/archive/1/454712/100/0/threaded CONFIRM:http://www.mandiant.com/firstresponse.htm MISC:http://www.symantec.com/enterprise/research/SYMSA-2006-013.txt SECTRACK:1017394 URL:http://securitytracker.com/id?1017394 SECUNIA:23393 URL:http://secunia.com/advisories/23393 SREASON:2052 URL:http://securityreason.com/securityalert/2052 VUPEN:ADV-2006-5061 URL:~~http://www.vupen.com/english/advisories/2006/5061~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20061211	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061211)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)