NVIDIA Display Driver Service Remote Stack Buffer Overflow (credentialed check)

High severity, Nessus Plugin ID 63417

Synopsis

A video display service on the remote Windows host is affected by a stack-based buffer overflow vulnerability.

Description

The NVIDIA Display Driver Service on the remote Windows host is affected by a remote stack-based buffer overflow. An authenticated remote attacker could exploit this by connecting to the nsvr named pipe and making a specially crafted request, resulting in arbitrary code execution as SYSTEM.

Solution

Upgrade to NVIDIA graphics drivers version 307.74 / 310.90 or later.

See Also

https://seclists.org/dailydave/2013/q1/6

http://www.geforce.com/drivers/results/55026

http://www.geforce.com/drivers/results/55121

http://www.geforce.com/drivers/results/55217

http://www.geforce.com/drivers/results/55220

http://www.geforce.com/drivers/results/55599

http://www.nvidia.com/download/driverResults.aspx/56056

Plugin Details

Severity: High

ID: 63417

File Name: nvidia_nvsr_buffer_overflow.nasl

Version: 1.19

Type: local

Agent: windows

Family: Windows

Published: 1/8/2013

Updated: 4/5/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS Score Rationale: Manual analysis of the vulnerability

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 8.6

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/a:nvidia:display_driver

Required KB Items: Settings/ParanoidReport, WMI/DisplayDrivers/NVIDIA

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/5/2013

Vulnerability Publication Date: 12/25/2012

Exploitable With

Metasploit (Nvidia (nvsvc) Display Driver Service Local Privilege Escalation)

Reference Information

BID: 57123