MS14-015: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)

high Nessus Plugin ID 72934

Synopsis

The Windows kernel drivers on the remote host are affected by multiple vulnerabilities.

Description

The remote Windows host has the following vulnerabilities :

- A privilege escalation vulnerability exists in the Windows kernel-mode driver due to improper handling of objects in memory. If successfully exploited, a locally authenticated attacker could run a specially crafted application in kernel mode to take control of the system. (CVE-2014-0300)

- An information disclosure vulnerability exists in the Windows kernel-mode driver due to improper handling of objects in memory. An attacker could exploit this issue to disclose information from kernel memory on the local system. (CVE-2014-0323)

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, 2012, 8.1 and 2012 R2.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-015

Plugin Details

Severity: High

ID: 72934

File Name: smb_nt_ms14-015.nasl

Version: 1.11

Type: local

Agent: windows

Published: 3/11/2014

Updated: 11/15/2018

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/11/2014

Vulnerability Publication Date: 3/11/2014

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-0300, CVE-2014-0323

BID: 66003, 66007

MSFT: MS14-015

MSKB: 2930275