4317 matches found
ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability
Hello, I would like to inform you about a vulnerability in BlackICE PC Protection driver found by Matousec - Transparent security. Description: Hooking SSDT functions requires extra caution. SSDT function handlers are executed in the kernel mode but their callers are executed in the user mode...
Internet Security Systems 3.6 BlackICE - Local Denial of Service
source: https://www.securityfocus.com/bid/19800/info Internet Security Systems ISS BlackICE PC Protection is prone to a local denial-of-service vulnerability because the application fails to properly sanitize user-supplied input. This vulnerability allows local attackers to crash affected systems...
Multiple Microsoft Windows Server service security vulnerabilities
Kernel mode heap overflow on mailslots processing. Information leak from SMB buffers...
Allowing User-mode Code to Access Kernel Memory
Allowing User-mode Code to Access Kernel Memory One of the most important principles of the kernel/user division that modern operating systems enforce is that user mode is not allowed to directly access kernel mode memory. This is necessary to enforce system stability, such as to prevent a buggy...
Kaspersky Antivirus multiple vulnerabilities
Unsafe kernel mode components implementation leads to Denial of Service and potentially to privilege elevation. Most serious problem is user mode code can access kernel memory...
Patching system services at runtime
Patching system services at runtime Although KAV appears to use a filesystem filter, the standard Windows mechanism for intercepting accesses to files specifically designed for applications like anti-virus software, the implementors also used a series of API-level function hooks to intercept...
DSA-1017-1 kernel-source-2.6.8 - several
Bulletin has no description...
Kaspersky Antivirus privilege escalation
klif.sys driver removes supervisor memory protection bit. It's code can be modified from user space application and to be executed in kernel mode...
Microsoft Client Server Runtime System Vulnerability
Overview The Microsoft Client Server Runtime System CSRSS incorrectly validates certain messages potentially resulting in privilege elevation. Description CSRSS is the user-mode part of the Win32 subsystem. Win32.sys is the kernel-mode portion of the Win32 subsystem. The Win32 subsystem must be...
[NGSEC-2004-7] NtRegmon, local system denial of service.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Next Generation Security Technologies http://www.ngsec.com Security Advisory Title: NtRegmon, local system denial of service. ID: NGSEC-2004-7 Application: NtRegmon http://www.sysinternals.com/ntw2k/source/regmon.shtml Date: 14/Aug/2004 Status: Patche...
OpenBSD DoS and buffer overflow
NULL pointer is possible on executable file parsing. In case patches against this vulnerability are installed there is a new vulnerability with kernel mode buffer overflow...
CVE-1999-1360
Windows NT 4.0 is affected by CVE-1999-1360. A local user can cause a denial of service by a user-mode application closing a handle that was opened in kernel mode, leading to a kernel crash when the kernel closes the handle. The NVD data shows a low base score (2.1) with local attack vector and p...
Microsoft Windows XP/2000 - GDI Denial of Service
source: https://www.securityfocus.com/bid/3481/info The Windows Graphics Device Interface GDI is a set of Application Programming Interfaces APIs used to display graphical output. A vulnerability exists which causes the GDI to invoke a Kernel Mode Exception due to a memory access error. This acti...
SECURITY.NNOV: special devices access in multiple archivers
Hello, Topic: Special devices access in multiple archivers Author: 3APA3A [email protected] Platform: Windows Affected Software: WinZIP Computing's WinZIP 8.0, PKWare PkZip 4.0, RARSoft WinRar 2.80 Risk: average Released: July, 5, 2001 SECURITY.NNOV advisories:...
Loading Rootkit using SystemLoadAndCallImage
Greets, For a while there has been a thread on NTBUGTRAQ about kernel-mode protection from rootkits. This is good - the whole point of our rootkit.com project is to get people thinking about the problem. For example, there is now an ANTI-Rootkit called Integrity Protection Driver from Pedestal...
CVE-1999-1360
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle...
CVE-1999-1364
Windows NT 4.0 allows local users to cause a denial of service crash via an illegal kernel mode address to the functions 1 GetThreadContext or 2 SetThreadContext...