Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.PGP_DESKTOP_9_10.NASL
HistoryApr 15, 2009 - 12:00 a.m.

PGP Desktop < 9.10 Multiple Local DoS

2009-04-1500:00:00
This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
www.tenable.com
18
JSON

The version of PGP Desktop installed on the remote system is older than 9.10. As such, it reportedly is affected by the following issues :

  • The IOCTL handler in ‘pgpdisk.sys’ fails to perform sufficient boundary checks on data associated with ‘Irp’ objects. A local attacker could exploit this flaw to crash the system.

  • The IOCTL handler in ‘pgpwded.sys’ fails to perform sufficient boundary checks on data associated with ‘Irp’ objects. A local attacker could exploit this flaw to crash the system or execute arbitrary code with SYSTEM privileges.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(36162);
  script_version("1.12");
  script_cvs_date("Date: 2018/11/15 20:50:28");

  script_cve_id("CVE-2008-5731", "CVE-2009-0681");
  script_bugtraq_id(32991, 34490);

  script_name(english:"PGP Desktop < 9.10 Multiple Local DoS");
  script_summary(english:"Checks version of pgpdisk.sys");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains an application that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of PGP Desktop installed on the remote system is older than
9.10.  As such, it reportedly is affected by the following issues :

  - The IOCTL handler in 'pgpdisk.sys' fails to perform
    sufficient boundary checks on data associated with 'Irp'
    objects. A local attacker could exploit this flaw to
    crash the system.

  - The IOCTL handler in 'pgpwded.sys' fails to perform
    sufficient boundary checks on data associated with 'Irp'
    objects. A local attacker could exploit this flaw to
    crash the system or execute arbitrary code with SYSTEM
    privileges.");
  script_set_attribute(attribute:"see_also", value:"http://en.securitylab.ru/lab/PT-2009-01");
  script_set_attribute(attribute:"see_also", value:"https://seclists.org/fulldisclosure/2009/Apr/120");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PGP Desktop version 9.10, which reportedly addresses these
issues.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 399);

  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe",value:"cpe:/a:pgp:desktop_for_windows");
  script_set_attribute(attribute:"cpe",value:"cpe:/a:symantec:encryption_desktop");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");

  script_dependencies("pgp_desktop_installed.nasl");
  script_require_keys("SMB/symantec_encryption_desktop/DriverVersion");

  exit(0);
}

include("audit.inc");
include("smb_func.inc");
include("global_settings.inc");
include("misc_func.inc");

app = 'PGP Desktop Disk Encryption Driver';
kb_base = "SMB/symantec_encryption_desktop/";
port = kb_smb_transport();

driver_version = get_kb_item_or_exit(kb_base + "DriverVersion");
path = get_kb_item_or_exit(kb_base + "DriverPath");
path = ereg_replace(pattern:'^(.+)\\\\[^\\\\]+$', replace:"\1", string:path);

fix = "9.10";
if (ver_compare(ver:driver_version, fix:fix, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + driver_version +
      '\n  Fixed version     : ' + fix + '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app, driver_version, path);
VendorProductVersionCPE
pgpdesktop_for_windowscpe:/a:pgp:desktop_for_windows
symantecencryption_desktopcpe:/a:symantec:encryption_desktop

Related

prion 2
openvas 4
cvelist 2
securityvulns 1
cve 2
ptsecurity 1
prion
prion
Design/Logic Flaw
2008-12-26 17:30:00
Design/Logic Flaw
2009-04-15 10:30:00
openvas
openvas
PGP Desktop Denial of Service Vulnerability
2009-01-06 00:00:00
PGP Desktop Denial of Service Vulnerability
2009-01-06 00:00:00
PGP Desktop Local Denial of Service Vulnerability
2009-04-23 00:00:00
cvelist
cvelist
CVE-2008-5731
2008-12-26 17:08:00
CVE-2009-0681
2009-04-15 10:00:00
securityvulns
securityvulns
[Positive Technologies SA 2009-01] PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities
2009-04-13 00:00:00
cve
cve
CVE-2009-0681
2009-04-15 10:30:00
CVE-2008-5731
2008-12-26 17:30:00
ptsecurity
ptsecurity
PT-2009-01: PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities
2009-04-13 00:00:00
JSON
Related for PGP_DESKTOP_9_10.NASL
prion2openvas4cvelist2securityvulns1cve2ptsecurity1