Name | ESET_EpFwNDIS |
---|---|
CVE | CVE-2014-4973 Exploit Pack |
Notes: | This module exploits a vulnerability in the ESET Personal Firewall NDIS filter driver (EpFwNdis.sys). Firewall Module Build 1183 (20140214) and earlier, in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0, are vulnerable. While the driver processes the input buffer for IOCTL 0x830020CC, a trusted value condition occurs. The correct value can be obtained through another IOCTL, which has an information leak. Once the correct value is known, a NULL page dereference can be achieved. |
References:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/
Tested on:
Windows XP Professional SP3 x86 (ESET Smart Security 7.0.302.0)
VENDOR: ESET
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4973
CVE Name: CVE-2014-4973