Deterministic Network Extender 'dne2000.sys' Local Privilege Escalation
High Nessus Plugin ID 33480
SynopsisThe remote host contains a kernel driver that is affected by a local privilege escalation vulnerability.
DescriptionA kernel driver from Deterministic Network Extender (DNE) is installed on the remote host. DNE is typically packaged with third-party applications and is reportedly included with :
- SafeNet HighAssurance Remote and SoftRemote
- Cisco VPN Client
- Blue Coat Systems WinProxy
The installed version of 'dne2000.sys' is affected by a local privilege escalation issue. By sending a specially crafted IOCTL request, it may be possible to execute arbitrary code with kernel privileges.
SolutionUpgrade to dne2000.sys version 188.8.131.5202