[R3] Tenable Nessus Malicious Process Detection Temporary Service Binary Modification Local Privilege Escalation

Related Vulnerabilities: CVE-2014-2848  

Synopsis

Nessus contains a race condition in the Malicious Process Detection plugin that can allow a local user to gain unauthorized privileges. The plugin creates a binary with a static name in the temporary folder. Once Nessus has started a scan, a low-privileged user may overwrite this binary, and it will be executed upon reboot of the device. This may allow a local attacker to gain elevated privileges.
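
The flaw class described above, next to one way of staging a helper binary that avoids it. This is an added generic illustration, not Tenable's plugin code; the file name `helper.bin`, the function names and the sample payload are hypothetical.

```python
import hashlib
import os
import shutil
import tempfile
from typing import Tuple

PAYLOAD = b"#!/bin/sh\necho constructed helper\n"  # constructed sample "binary"


def stage_unsafe(shared_tmp: str, payload: bytes) -> str:
    """Pattern from the advisory: a fixed file name in a shared temp folder."""
    path = os.path.join(shared_tmp, "helper.bin")  # hypothetical static name
    with open(path, "wb") as fh:  # reuses the same path on every run
        fh.write(payload)
    return path


def stage_safe(payload: bytes) -> Tuple[str, str]:
    """Private directory, exclusive create, and a digest recorded for later."""
    workdir = tempfile.mkdtemp(prefix="scan-")  # random name, owner-only (0700)
    path = os.path.join(workdir, "helper.bin")
    # O_EXCL fails if the path already exists; O_NOFOLLOW where available
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o700)
    with os.fdopen(fd, "wb") as fh:
        fh.write(payload)
    return path, hashlib.sha256(payload).hexdigest()


def verify_before_exec(path: str, expected_sha256: str) -> bool:
    """Re-hash the staged file right before it is run; refuse on mismatch."""
    try:
        with open(path, "rb") as fh:
            return hashlib.sha256(fh.read()).hexdigest() == expected_sha256
    except OSError:
        return False


def cleanup(path: str) -> None:
    """Remove the private directory so nothing staged survives to a reboot."""
    shutil.rmtree(os.path.dirname(path), ignore_errors=True)


if __name__ == "__main__":
    staged, digest = stage_safe(PAYLOAD)
    print("staged at", staged, "intact:", verify_before_exec(staged, digest))
    cleanup(staged)
```

The digest check is a second layer: the owner-only directory is what keeps other local users from replacing the file between the check and its use.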

Solution

Tenable has released an updated version of the affected plugin (59275) to address this issue. Customers will automatically receive the update in the routine daily plugin update.