DAEMON Tools 'IOCTL' Handling Local Privilege Escalation Vulnerability
BID:52417
Info
DAEMON Tools 'IOCTL' Handling Local Privilege Escalation Vulnerability
| Bugtraq ID: | 52417 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 12 2012 12:00AM |
| Updated: | Mar 19 2015 08:23AM |
| Credit: | ADLab, VenusTech via Secunia |
| Vulnerable: |
Daemon Tools DAEMON Tools Pro Standard 4.41.0315.0262 Daemon Tools DAEMON Tools Pro Advanced 4.41.0315.0262 Daemon Tools Daemon Tools Lite 4.41.3.0173 |
| Not Vulnerable: |
Daemon Tools DAEMON Tools Pro Standard 5.0.0316.0317 Daemon Tools DAEMON Tools Pro Advanced 5.0.0316.0317 Daemon Tools Daemon Tools Lite 4.45.3.0297 |
Discussion
DAEMON Tools 'IOCTL' Handling Local Privilege Escalation Vulnerability
DAEMON Tools is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to write a DWORD value into arbitrary kernel memory and execute arbitrary code with system privileges on the host operating system or crash the host operating system.
The following versions are affected:
DAEMON Tools Lite 4.41.3.0173
DAEMON Tools Pro Standard/Advanced 4.41.0315.0262
DAEMON Tools is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to write a DWORD value into arbitrary kernel memory and execute arbitrary code with system privileges on the host operating system or crash the host operating system.
The following versions are affected:
DAEMON Tools Lite 4.41.3.0173
DAEMON Tools Pro Standard/Advanced 4.41.0315.0262
Exploit / POC
DAEMON Tools 'IOCTL' Handling Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].