Microsoft Windows Virtual DOS Machine Privilege Escalation

2004-04-13T17:50:33
ID OSVDB:5258
Type osvdb
Reporter Derek Soeder(dsoeder@eeye.com)
Modified 2004-04-13T17:50:33

Description

Vulnerability Description

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker causes code to run in Virtual86 mode without first initializing a Virtual DOS Machine, which may allow the attacker to derefernce a null pointer and execute arbitrary code in kernel space. This flaw may lead to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker causes code to run in Virtual86 mode without first initializing a Virtual DOS Machine, which may allow the attacker to derefernce a null pointer and execute arbitrary code in kernel space. This flaw may lead to a loss of integrity.

References:

US-CERT Cyber Security Alert: TA04-104A Secunia Advisory ID:11064 Related OSVDB ID: 5261 Related OSVDB ID: 5251 Related OSVDB ID: 5254 Related OSVDB ID: 5255 Related OSVDB ID: 5256 Related OSVDB ID: 5260 Related OSVDB ID: 5249 Related OSVDB ID: 5257 Related OSVDB ID: 5248 Related OSVDB ID: 5250 Related OSVDB ID: 5252 Related OSVDB ID: 5253 Related OSVDB ID: 5259 Other Advisory URL: http://www.eeye.com/html/Research/Advisories/AD20040413E.html OVAL ID: 1718 OVAL ID: 1512 Nessus Plugin ID:12209 Microsoft Security Bulletin: MS04-011 Mail List Post: http://lists.netsys.com/pipermail/full-disclosure/2004-April/020070.html ISS X-Force ID: 15818 ISS X-Force ID: 15714 CVE-2004-0118 CIAC Advisory: o-114 CERT VU: 783748