Unrated severityNVD Advisory· Published Nov 28, 2006· Updated Jun 16, 2026
CVE-2006-6131
CVE-2006-6131
Description
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:a:kerio:webstar:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:kerio:webstar:*:*:*:*:*:*:*:*range: <=5.4.2
- cpe:2.3:a:kerio:webstar:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:kerio:webstar:5.4:*:*:*:*:*:*:*
- (no CPE)range: <=5.4.2
Patches
Vulnerability mechanics
References
9- secunia.com/advisories/22906nvdExploitVendor Advisory
- securitytracker.com/idnvdExploit
- www.osvdb.org/30450nvdExploit
- www.securityfocus.com/bid/21123nvdExploit
- securityreason.com/securityalert/1921nvd
- www.digitalmunition.com/DMA%5B2006-1115a%5D.txtnvd
- www.securityfocus.com/archive/1/451832/100/200/threadednvd
- www.vupen.com/english/advisories/2006/4539nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30308nvd
News mentions
0No linked articles in our index yet.