This host is running ArcaVir AntiVirus Products and is prone to Privilege Escalation Vulnerability.
Successful exploitation will let the attacker pass kernel addresses as the arguments to the driver and overwrite an arbitrary address in the kernel space through a specially crafted IOCTL. Impact level: System
Apply the security updates accordingly. http://www.arcabit.pl
This flaw is due to vulnerability in ps_drv.sys driver, which allows any users to open the device '\\Device\\ps_drv' and issue IOCTLs with a buffering mode of METHOD_NEITHER.
ArcaBit 2009 Home Protection prior to 9.4.3204.9 ArcaVir 2009 System Protection prior to 9.4.3203.9 ArcaVir 2009 Internet Security prior to 9.4.3202.9 ArcaBit ArcaVir 2009 Antivirus Protection prior to 9.4.3201.9
- Privilege Escalation Vulnerability in SLURM
- Changetrack Local Privilege Escalation Vulnerability
- South River Technologies WebDrive Local Privilege Escalation Vulnerability
- ArcaVir AntiVirus Products Privilege Escalation Vulnerability
- ESET Smart Security easdrv.sys Local Privilege Escalation Vulnerability