DAEMON Tools 222850h IOCTL Handling Privilege Escalation Vulnerability

Secunia ID	SA46809
Release Date	12 Mar 2012
Criticality	Less Critical
Solution Status	Vendor Patch
Software	DAEMON Tools Lite 4.x
Where	Local system
Impact	DoS (Denial of Service) This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. Privilege escalation This covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users. This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system.
Description	ADLab has discovered a vulnerability in DAEMON Tools, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an indexing error when processing the 0x00222850 IOCTL in dtsoftbus01.sys. This can be exploited to write a DWORD value into arbitrary kernel memory. Successful exploitation may allow execution of arbitrary code with SYSTEM privileges. The vulnerability is confirmed in version 4.41.3.0173. Other versions may also be affected.
Solution	Update to version 4.45.3.0297.
Reported by	ADLab, VenusTech via Secunia.

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.