GEAR Software CD DVD Filter Driver Insecure Method Local Privilege Escalation
High Nessus Plugin ID 34488
The remote Windows host has a kernel driver with an insecure method.
The version of GEAR Software's CD DVD Filter kernel driver (GEARAspiWDM.sys) on the remote host contains an insecure method that allows a local user to make an unlimited number of calls to 'IoAttachDevice' from user-land, thereby enabling him to exploit a local privilege escalation flaw in the Microsoft Windows kernel in the 'IopfCompleteRequest' function. Note that this driver may have been installed as part of a third-party application such as Apple iTunes, Norton 360, Norton Ghost, Norton Save and Restore, Backup Exec System Recovery, or Symantec LiveState Recovery.
Contact the appropriate vendor for an upgrade and verify that the version of the kernel driver is 220.127.116.11 or later.