This host is installed with Kaspersky Products and is prone to Privilege Escalation vulnerability.

Local attackers can exploit this issue to replace some files (.kdl files) by malicious file (corrupted .dll files) and execute arbitrary code with SYSTEM privileges. Impact Level: System/Application

Upgrade to latest version of appropriate product, Kaspersky Anti-Virus/Internet Security 2009 (9.0.0.736) Kaspersky Anti-Virus for Windows Workstations/File Servers 6.0 (6.0.4.1212) For Updates, Refer http://www.kaspersky.com/productupdates

This flaw occurs due to insecure permissions (Everyone/Full Control) applied on the BASES folder which contains configuration files, antivirus bases and executable modules.

Kaspersky Anti-Virus 7, 2009, 2009 prior to 9.0.0.736 Kaspersky Internet Security 7, 2009, 2009 prior to 9.0.0.736 Kaspersky Anti-Virus 5.0, 6.0 for Windows Workstations prior to 6.0.4.1212 Kaspersky Anti-Virus 6.0 for Windows File Servers prior to 6.0.4.1212

• http://secunia.com/advisories/37398
• http://www.securityfocus.com/archive/1/archive/1/508508/100/0/threaded
• http://www.vupen.com/english/advisories/2009/3573

---

Updated on 2015-03-25