Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation
Severity: High
Nessus Plugin ID 33819

Synopsis
The remote Windows host has an application that is affected by a local privilege escalation vulnerability.

Description
The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '\\.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHOD_NEITHER' without any validation. Using specially crafted input, an unprivileged user can leverage this issue to execute arbitrary code in kernel mode.

Solution
Upgrade to Sun xVM VirtualBox 1.6.4 or later.
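
For driver reviewers, the buffering method named in the description can be read from the low two bits of any Windows I/O control code. The following is an added example, not code from the plugin or from VirtualBox; the function names are hypothetical and the sample codes are constructed, not the driver's real IOCTL values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bit layout of a Windows I/O control code (the CTL_CODE macro):
 * DeviceType[31:16] | Access[15:14] | Function[13:2] | Method[1:0] */
struct ioctl_fields {
    uint32_t device_type;
    uint32_t access;   /* 0 = FILE_ANY_ACCESS, 1 = read, 2 = write, 3 = both */
    uint32_t function;
    uint32_t method;   /* 0 buffered, 1 in-direct, 2 out-direct, 3 neither */
};

enum { XFER_METHOD_NEITHER = 3 };

struct ioctl_fields decode_ioctl(uint32_t code)
{
    struct ioctl_fields f;
    f.device_type = code >> 16;
    f.access      = (code >> 14) & 0x3;
    f.function    = (code >> 2) & 0xFFF;
    f.method      = code & 0x3;
    return f;
}

/* With METHOD_NEITHER the I/O manager hands the caller's raw user-mode
 * pointers to the driver, so the handler itself must probe and capture them. */
int needs_driver_side_validation(uint32_t code)
{
    return decode_ioctl(code).method == XFER_METHOD_NEITHER;
}

/* Returns how many codes in the list need handler review. */
size_t audit_ioctls(const uint32_t *codes, size_t n, int verbose)
{
    size_t flagged = 0;
    for (size_t i = 0; i < n; i++) {
        if (!needs_driver_side_validation(codes[i]))
            continue;
        struct ioctl_fields f = decode_ioctl(codes[i]);
        flagged++;
        if (verbose)
            printf("0x%08X: METHOD_NEITHER, function 0x%03X, access %u\n",
                   (unsigned)codes[i], (unsigned)f.function, (unsigned)f.access);
    }
    return flagged;
}

int main(void)
{
    /* Constructed sample codes for illustration only. */
    static const uint32_t sample[] = { 0x00220003u, 0x00220004u, 0x0022E00Bu, 0x00226009u };
    printf("%zu code(s) need review\n", audit_ioctls(sample, 4, 1));
    return 0;
}
```

Each flagged code points at a dispatch handler whose pointer and length checks should be reviewed by hand.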