Detections
Analytics
MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
high Nessus Plugin ID 53391
Language:
Synopsis
The remote Windows kernel is affected by multiple vulnerabilities.Description
The remote host is running a version of the Windows kernel that is affected by the following types of vulnerabilities :- Several use-after-free vulnerabilities exist due to the way that Windows kernel-mode drivers manage kernel-mode driver objects. (CVE-2011-0662, CVE-2011-0665, CVE-2011-0666, CVE-2011-0667, CVE-2011-0670, CVE-2011-0671, CVE-2011-0672, CVE-2011-0674, CVE-2011-0675, CVE-2011-1234, CVE-2011-1235, CVE-2011-1236, CVE-2011-1237, CVE-2011-1238, CVE-2011-1239, CVE-2011-1240, CVE-2011-1241, CVE-2011-1242)
- Several NULL pointer de-reference vulnerabilities exist due to the way that Windows kernel-mode drivers manage pointers to kernel-mode driver objects. (CVE-2011-0673, CVE-2011-0676, CVE-2011-0677, CVE-2011-1225, CVE-2011-1226, CVE-2011-1227, CVE-2011-1228, CVE-2011-1229, CVE-2011-1230, CVE-2011-1231, CVE-2011-1232, CVE-2011-1233)
An attacker with local access to the affected system can exploit these issues to execute arbitrary code in kernel mode and take complete control of the affected system.
Solution
Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-034
Plugin Details
Severity: High
ID: 53391
File Name: smb_nt_ms11-034.nasl
Version: 1.19
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 4/13/2011
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 6.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/12/2011
Vulnerability Publication Date: 4/12/2011
Reference Information
CVE: CVE-2011-0662, CVE-2011-0665, CVE-2011-0666, CVE-2011-0667, CVE-2011-0670, CVE-2011-0671, CVE-2011-0672, CVE-2011-0673, CVE-2011-0674, CVE-2011-0675, CVE-2011-0676, CVE-2011-0677, CVE-2011-1225, CVE-2011-1226, CVE-2011-1227, CVE-2011-1228, CVE-2011-1229, CVE-2011-1230, CVE-2011-1231, CVE-2011-1232, CVE-2011-1233, CVE-2011-1234, CVE-2011-1235, CVE-2011-1236, CVE-2011-1237, CVE-2011-1238, CVE-2011-1239, CVE-2011-1240, CVE-2011-1241, CVE-2011-1242
BID: 47194, 47202, 47203, 47204, 47205, 47206, 47207, 47234, 47209, 47210, 47220, 47224, 47225, 47226, 47227, 47228, 47229, 47230, 47231, 47232, 47233, 47211, 47212, 47213, 47214, 47215, 47216, 47217, 47218, 47219
MSFT: MS11-034
MSKB: 2506223