MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The Windows kernel is vulnerable to multiple buffer overflow attacks.

Description :

The remote Windows host is running a version of the Windows kernel that
is affected by multiple vulnerabilities :

- An elevation of privilege vulnerability exists in the
Windows kernel due to the incorrect truncation of a
64-bit value to a 32-bit value. An attacker who
successfully exploited this vulnerability could run
arbitrary code in kernel mode. An attacker could then
install programs, view / change / delete data, or
create new accounts with full user rights.
(CVE-2009-2515)

- An elevation of privilege vulnerability exists in the
Windows kernel due to the incorrect truncation of a
64-bit value to a 32-bit value. An attacker who
successfully exploited this vulnerability could run
arbitrary code in kernel mode. An attacker could then
install programs, view / change / delete data, or
create new accounts with full user rights.
(CVE-2009-2516)

- A denial of service vulnerability exists in the Windows
kernel because of the way the kernel handles certain
exceptions. An attacker could exploit the
vulnerability by running a specially crafted
application causing the system to restart.
(CVE-2009-2517)

See also :

http://technet.microsoft.com/en-us/security/bulletin/MS09-058

Solution :

Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista and 2008.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 42114

Bugtraq ID: 36623, 36624, 36625

CVE ID: CVE-2009-2515, CVE-2009-2516, CVE-2009-2517