Trend Micro Multiple Products TmComm.sys IOCTL Handler Local Privilege Escalation

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a local privilege escalation
issue.

Description :

The version of tmcomm.sys installed on the remote system is affected
by a local privilege escalation vulnerability. The issue exists due to
insecure permissions on Tmcomm.sys which allows write access to
'everyone' group on the remote system. Successful exploitation of this
issue could lead to arbitrary code execution with SYSTEM privileges.

See also :

http://www.nessus.org/u?13a3190c
http://esupport.trendmicro.com/solution/en-us/1034432.aspx

Solution :

Update the Anti-Rootkit Common Module (RCM) to version 1.600-1052.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 24682 ()

Bugtraq ID: 22448

CVE ID: CVE-2007-0856

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now