28 matches found
CVE-2003-1246
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...
EUVD-2004-1712
Malware in sbrugna...
EUVD-2003-1236
Malware in sbrugna...
EUVD-2002-2106
Malware in sbrugna...
EUVD-2002-2105
Malware in sbrugna...
CVE-2002-2126
restrictEnabled in Integrity Protection Driver IPD 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time...
IPD (Integrity Protection Driver) Local Exploit
No description provided by source. / ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles with: cl ipd-dos.c Madrid, August 2004 / include windows.h define MYNULL 0x01 typedef DWORD zwopensectionTYPEDWORD Handle, DWORD mask, DWORD oa; int mainint argc, cha...
CVE-2002-2127
Integrity Protection Driver IPD 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink...
CVE-2002-2126
IPD 1.2 (Integrity Protection Driver) contains a vulnerability in restrictEnabled where driver installation is delayed by 20 minutes. This timing window lets a local user set the system clock back and insert malicious code during installation. Affected: IPD 1.2; root cause: clock-based delay in i...
CVE-2003-1246
CVE-2003-1246 affects the Integrity Protection Driver (IPD) versions 1.2 and 1.3. The vulnerability is in NtCreateSymbolicLinkObject within ntdll.dll, allowing a local attacker to create and overwrite arbitrary files under boot/system path via a symlink attack on \winnt\system32\drivers using the...
CVE-2002-2127
The CVE-2002-2127 entry concerns Integrity Protection Driver (IPD) versions 1.2 and earlier. The vulnerability arises from IPD blocking access to \Device\PhysicalMemory by name, but an attacker could abuse a symlink to access the device and cause a local privileged process to overwrite kernel mem...
CVE-2002-2126
restrictEnabled in Integrity Protection Driver IPD 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time...
CVE-2003-1246
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...
CVE-2003-1233
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier is affected. The root cause is the ability to create a symbolic link via NtCreateSymbolicLinkObject to access sensitive kernel resources, specifically to \Device\PhysicalMemory or via a drive letter created with subst. This bypas...
CVE-2003-1233
Pedestal Software Integrity Protection Driver IPD 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to 1 \Device\PhysicalMemory or 2 to a drive letter...
CVE-2004-1718
The ZwOpenSection function in Integrity Protection Driver IPD 1.4 and earlier allows local users to cause a denial of service crash via an invalid pointer in the "oa" argument...
CVE-2004-1718
The CVE-2004-1718 entry concerns Integrity Protection Driver (IPD) versions 1.4 and earlier. Affected component: ZwOpenSection function. Root cause: an invalid pointer in the oa argument can be exploited by a local attacker, causing a crash (denial of service). Impact is described as local denial...
IPD (Integrity Protection Driver) - Denial of Service
IPD Integrity Protection Driver - Denial of Service / ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles with: cl ipd-dos.c Madrid, August 2004 / include define MYNULL 0x01 typedef DWORD zwopensectionTYPEDWORD Handle, DWORD mask, DWORD oa; int mainint...
IPD (Integrity Protection Driver) Local Exploit
Exploit for unknown platform in category local exploits =============================================== IPD Integrity Protection Driver Local Exploit =============================================== / ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles wit...
IPD (Integrity Protection Driver) - Denial of Service
/ ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles with: cl ipd-dos.c Madrid, August 2004 / include define MYNULL 0x01 typedef DWORD zwopensectionTYPEDWORD Handle, DWORD mask, DWORD oa; int mainint argc, char argv HINSTANCE dll; zwopensectionTYPE...