WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Local Privilege Escalation
Medium Nessus Plugin ID 28182
The remote Windows host contains an application that is prone to a local privilege escalation vulnerability.
WinPcap, a packet capture and filtering engine, is installed on the remote Windows host. The version of WinPcap on the remote host enables a local user to execute arbitrary code in kernel context because it fails to validate array indices passed to the 'bpf_filter_init()' function via specially crafted IOCTL requests.