Intel PRO/Wireless 2100 Network Connection Driver Local Privilege Escalation Vulnerability

medium Nessus Plugin ID 22132

Synopsis

A local user can elevate his privileges on the remote host.

Description

The remote host is running a version of Intel Wireless/PRO 2100 driver that is fails to properly handle certain malformed frames. A local attacker may exploit this flaw to elevate his privileges (SYSTEM) on the remote host.

To exploit this flaw, an attacker would need to send a specially crafted wireless frame to the Intel driver.

Solution

http://www.nessus.org/u?58136174

Plugin Details

Severity: Medium

ID: 22132

File Name: ipw_privilege_escalation.nasl

Version: 1.13

Type: local

Agent: windows

Family: Windows

Published: 8/2/2006

Updated: 7/12/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/28/2006

Reference Information

CVE: CVE-2006-4022

BID: 19299