GEAR Software CD DVD Filter Driver Insecure Method Local Privilege Escalation

High Nessus Plugin ID 34488


The remote Windows host has a kernel driver with an insecure method.


The version of GEAR Software's CD DVD Filter kernel driver (GEARAspiWDM.sys) on the remote host contains an insecure method that allows a local user to make an unlimited number of calls to 'IoAttachDevice' from user-land, thereby enabling him to exploit a local privilege escalation flaw in the Microsoft Windows kernel in the 'IopfCompleteRequest' function.

Note that this driver may have been installed as part of a third-party application such as Apple iTunes, Norton 360, Norton Ghost, Norton Save and Restore, Backup Exec System Recovery, or Symantec LiveState Recovery.


Contact the appropriate vendor for an upgrade and verify that the version of the kernel driver is or later.

See Also

Plugin Details

Severity: High

ID: 34488

File Name: gearaspiwdm_priv_escalation.nasl

Version: $Revision: 1.14 $

Type: local

Agent: windows

Family: Windows

Published: 2008/10/24

Modified: 2017/06/26

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/WindowsVersion, SMB/name, SMB/login, SMB/password

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

BID: 31089

CERT: 146896