Published: 11/04/2014 Updated: 14/04/2014

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

A race condition in the wmi_malware_scan.nbin plugin prior to 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tenable nessus 5.2.1
tenable plugin-set

Nessus contains a race condition in the Malicious Process Detection plugin that leads to unauthorized privileges being gained The issue is due to the plugin creating a binary with a static name in the temporary folder Once Nessus has started a scan, a low-level user may overwrite this binary, and it will be executed upon reboot of the device Thi ...

CWE-362 https://www.nccgroup.com/en/learning-and-research-centre/technical-advisories/nessus-authenticated-scan-local-privilege-escalation/http://www.securitytracker.com/id/1029946 http://secunia.com/advisories/57403 https://discussions.nessus.org/thread/7195 https://nvd.nist.gov https://www.tenable.com/security/tns-2014-01

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-2848

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect