Lucene search
MitreCVE-2008-5725HistoryDec 26, 2008 - 5:30 p.m.
CVE-2008-5725
2008-12-2617:30:00
CWE-264
mitre
web.nvd.nist.gov
25
cve-2008-5725
nt kernel-mode driver
entech taiwan powerstrip
privilege escalation
irp parameters
ioctl
powerstrip1
memory overwrite
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
High
EPSS
0
Percentile
0.4%
The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory.
Affected configurations
Node
entechtaiwanpowerstripRange≤3.84
ORentechtaiwanpowerstripMatch3.00
ORentechtaiwanpowerstripMatch3.01
ORentechtaiwanpowerstripMatch3.02
ORentechtaiwanpowerstripMatch3.10
ORentechtaiwanpowerstripMatch3.11
ORentechtaiwanpowerstripMatch3.12
ORentechtaiwanpowerstripMatch3.15
ORentechtaiwanpowerstripMatch3.16
ORentechtaiwanpowerstripMatch3.18
ORentechtaiwanpowerstripMatch3.20
ORentechtaiwanpowerstripMatch3.25
ORentechtaiwanpowerstripMatch3.26
ORentechtaiwanpowerstripMatch3.28
ORentechtaiwanpowerstripMatch3.29
ORentechtaiwanpowerstripMatch3.30
ORentechtaiwanpowerstripMatch3.40
ORentechtaiwanpowerstripMatch3.43
ORentechtaiwanpowerstripMatch3.44
ORentechtaiwanpowerstripMatch3.45
ORentechtaiwanpowerstripMatch3.46
ORentechtaiwanpowerstripMatch3.47
ORentechtaiwanpowerstripMatch3.49
ORentechtaiwanpowerstripMatch3.50
ORentechtaiwanpowerstripMatch3.51
ORentechtaiwanpowerstripMatch3.52
ORentechtaiwanpowerstripMatch3.53
ORentechtaiwanpowerstripMatch3.54
ORentechtaiwanpowerstripMatch3.55
ORentechtaiwanpowerstripMatch3.56
ORentechtaiwanpowerstripMatch3.57
ORentechtaiwanpowerstripMatch3.58
ORentechtaiwanpowerstripMatch3.59
ORentechtaiwanpowerstripMatch3.60
ORentechtaiwanpowerstripMatch3.61
ORentechtaiwanpowerstripMatch3.62
ORentechtaiwanpowerstripMatch3.63
ORentechtaiwanpowerstripMatch3.64
ORentechtaiwanpowerstripMatch3.65
ORentechtaiwanpowerstripMatch3.70
ORentechtaiwanpowerstripMatch3.72
ORentechtaiwanpowerstripMatch3.73
ORentechtaiwanpowerstripMatch3.74
ORentechtaiwanpowerstripMatch3.75
ORentechtaiwanpowerstripMatch3.76
ORentechtaiwanpowerstripMatch3.77
ORentechtaiwanpowerstripMatch3.78
ORentechtaiwanpowerstripMatch3.80
ORentechtaiwanpowerstripMatch3.81
ORentechtaiwanpowerstripMatch3.83
| Vendor | Product | Version | CPE |
|---|---|---|---|
| entechtaiwan | powerstrip | * | cpe:2.3:a:entechtaiwan:powerstrip:*:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.00 | cpe:2.3:a:entechtaiwan:powerstrip:3.00:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.01 | cpe:2.3:a:entechtaiwan:powerstrip:3.01:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.02 | cpe:2.3:a:entechtaiwan:powerstrip:3.02:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.10 | cpe:2.3:a:entechtaiwan:powerstrip:3.10:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.11 | cpe:2.3:a:entechtaiwan:powerstrip:3.11:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.12 | cpe:2.3:a:entechtaiwan:powerstrip:3.12:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.15 | cpe:2.3:a:entechtaiwan:powerstrip:3.15:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.16 | cpe:2.3:a:entechtaiwan:powerstrip:3.16:*:*:*:*:*:*:* |
| entechtaiwan | powerstrip | 3.18 | cpe:2.3:a:entechtaiwan:powerstrip:3.18:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
PowerStrip 3.84 - 'pstrip.sys' Local Privilege Escalation
2008-12-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-12-26 17:30:00
nvd
nvd
CVE-2008-5725
2008-12-26 17:30:00
cvelist
cvelist
CVE-2008-5725
2008-12-26 17:08:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
High
EPSS
0
Percentile
0.4%
Related for CVE-2008-5725