English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

DAEMON Tools 222850h IOCTL Handling Privilege Escalation Vulnerability


Secunia ID

SA46809

Release Date

12 Mar 2012

Criticality

Less Critical

Solution Status

Vendor Patch

Software

DAEMON Tools Lite 4.x

Where

Local system

Impact
DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Privilege escalation

This covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users.

This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system.

Description

ADLab has discovered a vulnerability in DAEMON Tools, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to an indexing error when processing the 0x00222850 IOCTL in dtsoftbus01.sys. This can be exploited to write a DWORD value into arbitrary kernel memory.

Successful exploitation may allow execution of arbitrary code with SYSTEM privileges.

The vulnerability is confirmed in version 4.41.3.0173. Other versions may also be affected.

Solution

Update to version 4.45.3.0297.

Reported by

ADLab, VenusTech via Secunia.