Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2024 and is owned by Tenable, Inc. or an Affiliate thereof.KASPERSKY_BASES_PERMS_PRIV_ESCALATION.NBIN
HistoryJan 06, 2010 - 12:00 a.m.

Kaspersky Multiple Products 'Bases' Directory Insecure Permissions

2010-01-0600:00:00
This script is Copyright (C) 2010-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The version of either Kaspersky Anti-Virus or Kaspersky Internet Security installed on the remote host has a local privilege escalation vulnerability.

The Everyone group has Full Control rights to the β€˜Bases’ directory.
This directory contains antivirus bases, configuration files, and executable modules used by multiple Kaspersky products.

A local attacker could exploit this to execute arbitrary code with SYSTEM privileges.

Binary data kaspersky_bases_perms_priv_escalation.nbin
JSON