NVIDIA Display Driver Service Remote Stack Buffer Overflow (credentialed check)

High Nessus Plugin ID 63417

Synopsis

A video display service on the remote Windows host is affected by a stack-based buffer overflow vulnerability.

Description

The NVIDIA Display Driver Service on the remote Windows host is affected by a remote stack-based buffer overflow. An authenticated, remote attacker, by connecting to the nsvr named pipe and making a specially crafted request, could exploit this to execute arbitrary code as SYSTEM.

Solution

Upgrade to NVIDIA graphics drivers version 307.74 / 310.90 or later.

See Also

https://seclists.org/dailydave/2013/q1/6

http://www.geforce.com/drivers/results/55026

http://www.geforce.com/drivers/results/55121

http://www.geforce.com/drivers/results/55217

http://www.geforce.com/drivers/results/55220

http://www.geforce.com/drivers/results/55599

http://www.nvidia.com/download/driverResults.aspx/56056

Plugin Details

Severity: High

ID: 63417

File Name: nvidia_nvsr_buffer_overflow.nasl

Version: 1.18

Type: local

Agent: windows

Family: Windows

Published: 2013/01/08

Updated: 2018/11/15

Dependencies: 72482

Configuration: Enable paranoid mode

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9

Temporal Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:nvidia:display_driver

Required KB Items: WMI/DisplayDrivers/NVIDIA, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/01/05

Vulnerability Publication Date: 2012/12/25

Exploitable With

Metasploit (Nvidia (nvsvc) Display Driver Service Local Privilege Escalation)

Reference Information

BID: 57123

EDB-ID: 24207