Visnetic AntiVirus Plug-in for MailServer Local Privilege Escalation

High Nessus Plugin ID 20993


The remote Windows application is prone to a local privilege escalation issue.


The version of VisNetic AntiVirus Plug-in for MailServer installed on the remote host does not drop its privileges before invoking other programs. An attacker with local access can exploit this flaw to execute arbitrary programs on the affected host with LOCAL SYSTEM privileges.


Upgrade to VisNetic AntiVirus Plug-in for VisNetic MailServer version or later.

See Also

Plugin Details

Severity: High

ID: 20993

File Name: visnetic_antivirus_priv_escalation.nasl

Version: $Revision: 1.12 $

Type: local

Agent: windows

Family: Windows

Published: 2006/03/03

Modified: 2015/01/12

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/02/23

Reference Information

CVE: CVE-2006-0812

BID: 16788

OSVDB: 23381