Zemana AntiLogger Local Privilege Escalation

Zemana AntiLogger AntiLog32.sys elfanew; PVOID waddr = &pnthdr-OptionalHeader.DataDirectoryIMAGEDIRECTORYENTRYSECURITY.VirtualAddress ; ULONG oldp ; VirtualProtectwaddr , sizeofULONG , PAGEREADWRITE , &oldp; pnthdr-OptionalHeader.DataDirectoryIMAGEDIRECTORYENTRYSECURITY.VirtualAddress = 0x1 ;...

Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Local Privilege Escalation

Zemana AntiLogger AntiLog32.sys elfanew; PVOID waddr = &pnthdr-OptionalHeader.DataDirectoryIMAGEDIRECTORYENTRYSECURITY.VirtualAddress ; ULONG oldp ; VirtualProtectwaddr , sizeofULONG , PAGEREADWRITE , &oldp; pnthdr-OptionalHeader.DataDirectoryIMAGEDIRECTORYENTRYSECURITY.VirtualAddress = 0x1 ;...

Kingsoft WebShield KAVSafe.sys Privilege Escalation

Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date：2010-4-14 13:42:26 DETAILS: Kavsafe.sys create a...

Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation

Kingsoft Webshield KAVSafe.sys 2010.4.14.609 2010.5.23 - Kernel Mode Privilege Escalation / Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And...

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Local Priv

Exploit for linux platform in category local exploits ============================================================================================= Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Priv. Escalation...

Avast! 4.7 - aavmker4.sys Local Privilege Escalation

Avast! 4.7 - aavmker4.sys Local Privilege Escalation !/usr/bin/python avast! 4.7 aavmker4.sys privilege escalation http://www.trapkit.de/advisories/TKADV2008-002.txt CVE-2008-1625 Tested on WindXpSp2/Sp3 Dep ON Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti ...

Micropoint Proactive Denfense Mp110013.sys &lt;= 1.3.10123.0 Local Privilege Escalation Exploit

No description provided by source. Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit VULNERABLE PRODUCTS Micropoint Proactive Denfense = 100323.1.2.10581.0285.r1 mp110013.sys = 1.3.10123.0 DETAILS: mp110013.sys handles DeviceIoControl request which tells...

Micropoint ProActive Denfense &#039;Mp110013.sys&#039; 1.3.10123.0 - Local Privilege Escalation

/ Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit VULNERABLE PRODUCTS Micropoint Proactive Denfense = 100323.1.2.10581.0285.r1 mp110013.sys = 1.3.10123.0 DETAILS: mp110013.sys handles DeviceIoControl request which tells driver...

Micropoint Proactive Denfense Mp110013 <= 1.3.10123.0 Local Privilege

Exploit for windows platform in category local exploits ============================================================================================ Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit...

Rising AntiVirus 2008 - 2010 Privilege Escalation Proof Of Concept

// Rising0day.cpp : Defines the entry point for the console application. // include "stdafx.h" include "windows.h" enum SystemModuleInformation = 11 ; typedef struct ULONG Unknown1; ULONG Unknown2; PVOID Base; ULONG Size; ULONG Flags; USHORT Index; USHORT NameLength; USHORT LoadCount; USHORT...

Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption

Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption / Avast 4.8.1351.0 antivirus aswMon2.sys Kernel Memory Corruption Author: Giuseppe 'Evilcry' Bonfa' E-Mail: evilcry AT gmail DOT com Website: http://evilcry.netsons.org http://evilcodecave.blogspot.com http://evilfingers.com Vendo...

Kaspersky AV 2010 9.0.0.463 Local DoS

Exploit for unknown platform in category dos / poc ===================================== Kaspersky AV 2010 9.0.0.463 Local DoS ===================================== Title: Kaspersky AV 2010 9.0.0.463 Local DoS CVE-ID: OSVDB-ID: Author: Heurs Published: 2009-09-29 Verified: yes view source print?...

Windows XP core driver AFD.sys a local elevation of privilege vulnerability analysis(ms08066)-vulnerability warning-the black bar safety net

Author: Polymorphours Email: [email protected] Homepage:http://www. whitecell. org Date: 2008-10-15 Vulnerability module: AFD.sys Vulnerability type: arbitrary kernel address can be written This vulnerability is one can write arbitrary kernel address vulnerabilities, generated the...

DESlock+ <= 3.2.7 Local Kernel Race Condition Denial of Service PoC

Exploit for unknown platform in category dos / poc =================================================================== DESlock+ DESlock+ include include define DLMFENCIOCTL 0x0FA4204C define DLMFENCFLAG 0xDEADBEEF define ARGSIZEa a-sizeof int2/sizeof void struct ioctlreq int flag; int reqnum; voi...

vmwarework-dos.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VMWare Workstation hcmon.sys 6.0.0.45731 Class : DoS Published : 2008-08-17 Credit : g g orange-bat com - - Details - Fails to sanitize pointers sent from usermode with METHODNEITHER. hcmon.sys: .text:00011606 loc11606...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2007-3777

avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446, provides an internal function that copies data to an arbitrary address, which allows local users to gain privileges via arbitrary address arguments to a function provided by the 0x5348E004 IOCTL for the generic...

Design/Logic Flaw

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service system crash via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of...

CVE-2007-1495

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service system crash via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of...