Kaspersky Multiple Products 'Bases' Directory Insecure Permissions
High Nessus Plugin ID 43814
Synopsis
An antivirus product installed on the remote Windows host has a local privilege escalation vulnerability.
Description
The version of either Kaspersky Anti-Virus or Kaspersky Internet Security installed on the remote host has a local privilege escalation vulnerability.
The Everyone group has Full Control rights to the 'Bases' directory.
This directory contains antivirus bases, configuration files, and executable modules used by multiple Kaspersky products.
A local attacker could exploit this to execute arbitrary code with SYSTEM privileges.
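The permission condition described above can be audited on a host with the PowerShell below. This is an added example, not code from the Nessus plugin or from Kaspersky; the function name `Test-BroadWriteAccess` and the path in the usage comment are hypothetical placeholders (the page does not give the directory's location), and the check generalizes from Everyone to two other broad groups.

```powershell
# Added example: report ACEs that let broad, low-privilege groups modify a directory.
function Test-BroadWriteAccess {
    param(
        # Placeholder: full path to the product's 'Bases' directory on the host.
        [Parameter(Mandatory)] [string] $Path
    )

    # Well-known SIDs, used instead of names so the check is locale independent.
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
    }

    # Rights that allow planting or replacing files, or rewriting the ACL itself.
    $writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    # Also catch unmapped generic rights: GENERIC_ALL and GENERIC_WRITE.
    $writeMask = $writeMask -bor 0x10000000 -bor 0x40000000

    $acl   = Get-Acl -LiteralPath $Path
    # Explicit and inherited rules, with identities returned as SIDs.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        $sid = $rule.IdentityReference.Value
        if (-not $broadSids.ContainsKey($sid)) { continue }
        if (([int]$rule.FileSystemRights -band $writeMask) -eq 0) { continue }

        [pscustomobject]@{
            Path      = $Path
            Principal = $broadSids[$sid]
            Rights    = $rule.FileSystemRights
            Inherited = $rule.IsInherited
        }
    }
}

# Usage (placeholder path): any output row is a finding; no output means
# none of the listed groups can modify the directory.
# Test-BroadWriteAccess -Path 'C:\<product install or data dir>\Bases'
```

A row with `Inherited = True` means the grant comes from a parent directory, so the parent's ACL is where the permission has to be corrected.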
Solution
Upgrade to one of the following versions:
- Kaspersky Anti-Virus 2010 (18.104.22.1686)
- Kaspersky Internet Security 2010 (22.214.171.1246)
- Kaspersky Anti-Virus 6.0 for Windows Workstations (126.96.36.1992)
- Kaspersky Anti-Virus 6.0 for Windows File Servers (188.8.131.522)