Detections
Analytics
MS13-101: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430)
high Nessus Plugin ID 71316
Language:
Synopsis
The Windows kernel drivers on the remote host are affected by multiple vulnerabilities.Description
The remote Windows host has the following vulnerabilities :- Multiple errors exist in the Windows kernel-mode drivers that could allow privilege escalation and arbitrary code execution. (CVE-2013-3899, CVE-2013-3902, CVE-2013-5058)
- An error exists in the way the Windows kernel-mode driver parses TrueType fonts that could allow denial of service attacks. (CVE-2013-3903)
- An error exists in the Windows audio port-class driver that could allow privilege escalation and arbitrary code execution. (CVE-2013-3907)
An attacker who successfully exploited these vulnerabilities could read arbitrary amounts of kernel memory or gain elevated privileges.
Solution
Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.See Also
https://www.secureauth.com/labs/advisories/divide-error-windows-kernel
https://www.securityfocus.com/archive/1/530273/30/0/threaded
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-101
Plugin Details
Severity: High
ID: 71316
File Name: smb_nt_ms13-101.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 12/11/2013
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 6
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/10/2013
Vulnerability Publication Date: 12/10/2013
Exploitable With
Core Impact
Reference Information
CVE: CVE-2013-3899, CVE-2013-3902, CVE-2013-3903, CVE-2013-3907, CVE-2013-5058