Windows 2k3 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070) Exploit

Exploit for windows platform in category local exploits / Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable...

Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)

/ Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows 2003 SP2 x86 Tested on: Windows 2003 SP2 x...

Windows tcpip.sys Arbitrary Write Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 'Windows tcpip.sys Arbitrary Write Privilege Escalation', 'Description' ...

KL-001-2015-001 : Windows 2003 tcpip.sys Privilege Escalation

KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

Microsoft Windows Server 2 0 0 3 SP2 - Privilege Escalation-vulnerability warning-the black bar safety net

KL-0 0 1-2 0 1 5-0 0 1 : Microsoft Windows Server 2 0 0 3 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2 0 0 3 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-0 0 1-2 0 1 5-0 0 1 Publication Date: 2015.01.28 Publication URL:...

Microsoft Windows Server 2003 SP2 - Privilege Escalation Exploit

The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile function, it is possible to trigger a vulnerability that would allow an...

Microsoft Windows Server 2003 SP2 - Local Privilege Escalation (MS14-070)

Microsoft Windows Server 2003 SP2 - Local Privilege Escalation MS14-070 """ KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date:...

Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation

KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

Microsoft Windows Server 2003 SP2 - Local Privilege Escalation (MS14-070)

""" KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference

A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys can allow a local attacker to trigger a NULL pointer dereference by using a specially crafted IOCTL. This flaw can be abused to elevate privileges to SYSTEM. This module requires Metasploit: https://metasploit.com/download...

Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation

Vulnerability Details Affected Vendor: Microsoft Affected Product: TCP/IP Protocol Driver Affected Version: 5.2.3790.4573 Platform: Microsoft Windows Server 2003 Service Pack 2 Architecture: x86, x64, Itanium Impact: Privilege Escalation Attack vector: IOCTL CVE-ID: CVE-2014-4076 2...

Immunity Canvas: MS14_070

Name| ms14070 ---|--- CVE| CVE-2014-4076 Exploit Pack| CANVAS Description| ms14070 Notes| References: https://technet.microsoft.com/en-us/library/security/ms14-070.aspx CVE Name: CVE-2014-4076 VENDOR: Microsoft NOTES: Tested on: - Windows 2003 Standard Edition x86 SP2 English Usage: Win32/MOSDEF$...

CVE-2014-4076

CVE-2014-4076 affects Microsoft Windows Server 2003 SP2 TCP/IP protocol driver tcpip.sys (and tcpip6.sys). The root cause is improper validation/handling of memory objects during IOCTL processing, which can be triggered by a crafted IOCTL to escalate privileges to SYSTEM. Documented impact is loc...

Microsoft Windows TCP/IP CVE-2014-4076 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 x64 Edition Service Pack 2...

Microsoft Windows TCP/IP IOCTL Processing Elevation of Privilege (MS14-070; CVE-2014-4076)

An elevation of privilege vulnerability exists in the Windows TCP/IP stack. The vulnerability is caused when the Windows TCP/IP stack fails to properly handle objects in memory during IOCTL processing. To exploit this vulnerability, an attacker would first have to log on to the system and run a...