|
Family: Windows --> Category: infos
Kaspersky Antivirus IOCTL Local Privilege Escalation Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks date of virus signatures
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host contains an application that is prone to a
local privilege escalation issue.
Description :
The version of Kaspersky Antivirus installed on the remote host allows
a local attacker to execute arbitrary code with kernel rights by
passing a specially-crafted Irp structure to an IOCTL handler used by
the KLIN and KLICK device drivers. By leveraging this flaw, a local
attacker may be able to gain complete control of the affected system.
See also :
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
http://www.securityfocus.com/archive/1/449258/30/0/threaded
http://www.securityfocus.com/archive/1/449301/30/0/threaded
http://www.kaspersky.com/technews?id=203038678
Solution :
Update the virus signatures after 10/12/2006 and restart the computer.
Threat Level:
High / CVSS Base Score : 7.0
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|