Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Windows >> Kaspersky Antivirus IOCTL Local Privilege Escalation Vulnerability


Vulnerability Assessment Details

Kaspersky Antivirus IOCTL Local Privilege Escalation Vulnerability

Vulnerability Assessment Summary
Checks date of virus signatures

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote Windows host contains an application that is prone to a
local privilege escalation issue.

Description :

The version of Kaspersky Antivirus installed on the remote host permits
a local attacker to execute arbitrary code with kernel rights by
passing a specially-crafted Irp structure to an IOCTL handler used by
the KLIN and KLICK device drivers. By leveraging this flaw, a local
attacker may be able to gain complete control of the affected system.

See also :

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
http://www.securityfocus.com/archive/1/449258/30/0/threaded
http://www.securityfocus.com/archive/1/449301/30/0/threaded
http://www.kaspersky.com/technews?id=203038678

Solution :

Update the virus signatures after 10/12/2006 and restart the computer.

Network Security Threat Level:

High / CVSS Base Score : 7.0
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N)

Networks Security ID: 20635

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

Apple II Series vintage disk sleeve KeyPunch Software 1980's desktop Writer Pak
$19.95
Apple II Series vintage disk sleeve KeyPunch Software 1980's desktop Writer Pak pictureOkimate Apple IIe IIc Software 1985 Okidata Apple 2 vintage
$17.49
Okimate Apple IIe IIc Software 1985 Okidata Apple 2 vintage pictureKey Tronic E03601QL-C Wired Mechanical Computer Keyboard - Clean and Vintage
$19.99
Key Tronic E03601QL-C Wired Mechanical Computer Keyboard - Clean and Vintage pictureRARE vintage floppy discs, AOL ver 1.1, Hoyles book of games version 1.0, etc
$19.0
RARE vintage floppy discs, AOL ver 1.1, Hoyles book of games version 1.0, etc picture


Discussions

No Discussions have been posted on this vulnerability.