Jungo DriverWizard WinDrive OOB Write Privilege Escalation

-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Out-of-Bounds Write Privilege Escalation Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1:...

Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation Exploit

Exploit for windows platform in category local exploits -- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Out-of-Bounds Write Privilege Escalation Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver:...

Microsoft Windows 7 (x64) - afd.sys Dangling Pointer Privilege Escalation (MS14-040)

Microsoft Windows 7 x64 - afd.sys Dangling Pointer Privilege Escalation MS14-040 Exploit Title: MS14-040 - AFD.SYS Dangling Pointer Date: 2016-03-03 Exploit Author: Rick Larabee Vendor Homepage: www.microsoft.com Version: Windows 7, 64 bit Tested on: Win7 x64 afd.sys - 6.1.7601.17514 ntdll.dll -...

Dell Pre-Boot Authentication Driver Uncontrolled Write Vulnerability

The Dell Pre-Boot Authentication Driver PBADRV.sys contains a vulnerability that can be leveraged to enable an attacker to write arbitrary code. The 'OutputAddress' from the IOCTL call is not validated before it attempts to write to memory. The content of the write is a four-byte hex value that i...

KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-004 Publication Date: 2015.09.01 Publication URL:...

VBox Satellite Express Arbitrary Write Privilege Escalation

Vulnerability Details Affected Vendor: VBox Communications Affected Product: Satellite Express Protocol Affected Version: 2.3.17.3 Platform: Microsoft Windows XP SP3, Microsoft Windows 7 x86 CWE Classification: CWE-123: Write-what-where condition Impact: Arbitrary Code Execution Attack vector:...

XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation

Vulnerability Details Affected Vendor: Silicon Integrated Systems Corporation Affected Product: XGI VGA Display Manager Affected Version: 6.14.10.1090 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where condition Impact: Arbitrary Code Execution Attack vector: IOCTL...

XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC

Exploit for windows platform in category dos / poc Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2015-004.txt 1. Vulnerability Details Affected Vendor: Silicon Integrated Systems Corporation...

Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation

Symantec Altiris Agent 6.9 Build 648 - Local Privilege Escalation / Exploit Title - Symantec Altiris Agent Arbitrary Write Privilege Escalation Date - 01st February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.symantec.com Tested Version - 6.9 Build 648 Driver Version...

Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 'Microsoft Bluetooth Personal Area Networking BthPan.sys Privilege...

MS14-062 Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

A vulnerability within Microsoft Bluetooth Personal Area Networking module, BthPan.sys, can allow an attacker to inject memory controlled by the attacker into an arbitrary location. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently callin...

KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...

KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...

Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation

Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Control Affected Versions: 5.1.0.1110 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where Condition Impact: Privilege Escalation Attack vector: IOCTL CVE ID: CVE-2014-4971 2. Vulnerability...

Novell Client 4.91 SP4 - Privilege Escalation Exploit

No description provided by source. Novell Client 4.91 SP3/4 Privilege escalation exploit Download link: http://download.novell.com/Download?buildid=SyZ1G2ti7wU SecurityFocus: http://www.securityfocus.com/bid/27209/info CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5762 Patch:...

Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation

This Metasploit module exploits a flaw in the nwfs.sys driver to overwrite data in kernel space. The corruption occurs while handling ioctl requests with code 0x1438BB, where a 0x00000009 dword is written to an arbitrary address. An entry within the HalDispatchTable is overwritten in order to...

Microsoft Windows - 'AfdJoinLeaf' Local Privilege Escalation (MS11-080) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

MS11-080 AfdJoinLeaf Privilege Escalation

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)

/ MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit available . Reference: ms8-66, ms6-49 Too lazy to add...