Vigil@nce: PGP Desktop, two vulnerabilities
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
A local attacker can use two vulnerabilities of PGP Desktop in
order to create a denial of service or to elevate his privileges.
Severity: 2/4
Consequences: administrator access/rights
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 14/04/2009
IMPACTED PRODUCTS
– PGP Desktop
DESCRIPTION OF THE VULNERABILITY
An IRP (I/O Request Packet) is used to communicate with a driver.
The PGP Desktop product installs several drivers under Windows.
Two vulnerabilities impacts these drivers.
The pgpdisk.sys driver does not check addresses indicated in the
IRP, which leads to a denial of service. [grav:1/4; CVE-2009-0681]
The pgpwded.sys driver does not check addresses indicated in the
IRP, which leads to a denial of service or to code execution.
[grav:2/4]
A local attacker can therefore use two vulnerabilities of PGP
Desktop in order to create a denial of service or to elevate his
privileges.
CHARACTERISTICS
Identifiers: BID-34490, CVE-2009-0681, Positive Technologies SA
2009-01, PT-2009-01, VIGILANCE-VUL-8625
http://vigilance.fr/vulnerability/PGP-Desktop-two-vulnerabilities-8625