ID CVE-2017-6178
Summary The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:usbpcap_project:usbpcap:1.1.0.0
    cpe:2.3:a:usbpcap_project:usbpcap:1.1.0.0
CVSS
Base: 4.6 (as of 22-03-2017 - 20:46)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
id EDB-ID:41542
packetstorm via4
data source https://packetstormsecurity.com/files/download/141526/usbpcap-escalate.txt
id PACKETSTORM:141526
last seen 2017-03-09
published 2017-03-09
reporter Parvez Anwar
source https://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
title USBPcap 1.1.0.0 Privilege Escalation
refmap via4
bid 97026
misc http://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
Last major update 24-03-2017 - 21:59
Published 20-03-2017 - 12:59
Back to Top