The Deterministic Network driver contains a privilege escalation vulnerability, which can allow a local attacker to execute code with kernel privileges.
Deterministic Networks provides a product called Deterministic Network Enhancer (DNE), which extends the Microsoft Windows networking stack. DNE is packaged with multiple applications, including the Cisco VPN Client. The DNE driver, which is provided by dne2000.sys, is vulnerable to privilege escalation. By making a certain ioctl to the DNE device driver, it is possible to execute code with windows kernel privileges.
A local attacker may be able to execute code with windows kernel privileges.
Apply an update
This issue is addressed in dne2000.sys version 18.104.22.16802. This driver is available from the DNE support page.
This vulnerability was reported by mu-b at Digit-Labs.
This document was written by Will Dormann.
|Date First Published:||2008-06-18|
|Date Last Updated:||2008-06-27 16:47 UTC|