Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.NVIDIA_WIN_CVE_2017_4525.NASL
HistoryAug 26, 2017 - 12:00 a.m.

NVIDIA Windows GPU Display Driver 375.x < 377.55 / 384.x < 384.94 / 385.x < 385.08 Multiple Vulnerabilities

2017-08-2600:00:00
This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
126
JSON

Nvidia GPU Display driver vulnerabilities may lead to denial of service or possible escalation of Privileges. To exploit these vulnerabilities an attacker would send a malicious request to an affected application or interact with an affected application. If successfully exploited, these vulnerabilities would allow an attacker to cause a denial of service condition or elevated privileges.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(102783);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/05");

  script_cve_id(
    "CVE-2017-6251",
    "CVE-2017-6252",
    "CVE-2017-6253",
    "CVE-2017-6254",
    "CVE-2017-6255",
    "CVE-2017-6256",
    "CVE-2017-6257",
    "CVE-2017-6259",
    "CVE-2017-6260"
  );

  script_name(english:"NVIDIA Windows GPU Display Driver 375.x < 377.55 / 384.x < 384.94 / 385.x < 385.08 Multiple Vulnerabilities");
  script_summary(english:"Checks the driver version.");

  script_set_attribute(attribute:"synopsis", value:
"A display driver installed on the remote Windows host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"Nvidia GPU Display driver vulnerabilities may lead to denial of 
service or possible escalation of Privileges. To exploit these 
vulnerabilities an attacker would send a malicious request to an 
affected application or interact with an affected application. If 
successfully exploited, these vulnerabilities would allow an 
attacker to cause a denial of service condition or elevated 
privileges.");
  # https://nvidia.custhelp.com/app/answers/detail/a_id/4525
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b3f0ec60");
  script_set_attribute(attribute:"solution", value:
"Upgrade the NVIDIA graphics driver to version 377.55 / 384.94 / 385.08 or
later in accordance with the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-6251");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/26");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:nvidia:gpu_driver");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("wmi_enum_display_drivers.nbin");
  script_require_keys("WMI/DisplayDrivers/NVIDIA", "Settings/ParanoidReport");

  exit(0);
}

include('vcf_extras_nvidia.inc');

var app_info = vcf::nvidia_gpu::get_app_info(win_local:TRUE);

if (report_paranoia < 2)
  audit(AUDIT_PARANOID);

var constraints = [
  {'min_version': '375.0', 'fixed_version': '377.55'},
  {'min_version': '385.0', 'fixed_version': '385.08'}
];

vcf::nvidia_gpu::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_NOTE
);
VendorProductVersionCPE
nvidiagpu_drivercpe:/a:nvidia:gpu_driver

Related

nvidia 1
lenovo 2
nessus 2
prion 9
debiancve 2
cve 9
ubuntu 1
openvas 1
ubuntucve 2
nvidia
nvidia
Security Bulletin: NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler
2017-07-24 00:00:00
lenovo
lenovo
NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler - Lenovo Support US
2018-03-11 15:02:00
NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler - us
2018-03-11 15:02:00
nessus
nessus
NVIDIA Linux GPU Display Driver 375.8x < 375.82 / 375.7x < 375.74 / 384.x < 384.59 Multiple Vulnerabilities
2017-08-26 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : NVIDIA graphics drivers vulnerabilities (USN-3461-1)
2017-10-24 00:00:00
prion
prion
Null pointer dereference
2017-07-28 19:29:00
Input validation
2017-07-28 19:29:00
Design/Logic Flaw
2017-07-28 19:29:00
debiancve
debiancve
CVE-2017-6257
2017-07-28 19:29:00
CVE-2017-6259
2017-07-28 19:29:00
cve
cve
CVE-2017-6253
2017-07-28 19:29:00
CVE-2017-6257
2017-07-28 19:29:00
CVE-2017-6256
2017-07-28 19:29:00
ubuntu
ubuntu
NVIDIA graphics drivers vulnerabilities
2017-10-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3461-1)
2017-10-25 00:00:00
ubuntucve
ubuntucve
CVE-2017-6257
2017-07-28 00:00:00
CVE-2017-6259
2017-07-28 00:00:00
JSON
Related for NVIDIA_WIN_CVE_2017_4525.NASL
nvidia1lenovo2nessus2prion9debiancve2cve9ubuntu1openvas1ubuntucve2