EUVD-2005-1907

Malware in sbrugna...

Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability

No description provided by source. / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include windows.h undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char...

Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability

No description provided by source. / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include windows.h undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char...

Kaspersky杀毒软件klif.sys权限提升漏洞

BUGTRAQ ID: 13878 CVECAN ID: CVE-2005-1905 Kaspersky是一款非常流行的杀毒软件。 Microsoft Windows 2000平台的Kaspersky软件设计上存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 起因是Kaspersky内核驱动klif.sys没有正确丢弃高权限，攻击者可能利用这个漏洞以系统内核的权限执行任意代码。 Kaspersky Labs Kaspersky Antivirus 5.0.335 Kaspersky Labs Kaspersky Antivirus 5.0.228 Kaspersky Labs...

CVE-2007-1880

Integer overflow in the NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned...

CVE-2007-1881

CVE-2007-1881 : Affected are Kaspersky products using KLIF (klif.sys) on KAV/AV for Workstations/File Servers 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614. Local users can gain Ring-0 privileges via unspecified vectors. The vulnerability is documented with a MEDIUM seve...

CVE-2007-1880

CVE-2007-1880: Integer overflow in the NtSetValueKey function within klif.sys exposes a heap overflow in Kaspersky Anti-Virus/Internet Security 6.0 (prior to Maintenance Pack 2, build 6.0.2.614). The issue is triggered by a large unsigned data size argument, allowing context-dependent attackers w...

CVE-2005-1905

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs...

CVE-2005-1905

CVE-2005-1905 affects Kaspersky Anti-Virus on Windows 2000 via the klif.sys kernel driver. The Seebug and NVD records indicate the klif.sys component can be abused by a local attacker to gain privileges by modifying certain high-privilege code addresses that are later accessed by privileged proce...

CVE-2005-1905

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs...

Kaspersky Antivirus privilege escalation

klif.sys driver removes supervisor memory protection bit. It's code can be modified from user space application and to be executed in kernel mode...

Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability

Security advisory. Kaspersky antivirus v. 5.0.227, 5.0.228, 5.0.335 under Windows2000. There is nothing found under Windows XP. There is Windows2000 security subsystem breakout found inside Kaspersky antivirus v. 5.0.227, 5.0.228, 5.0.335. It is possible to exploit it with local privilege...

Kaspersky AntiVirus - 'klif.sys' Local Privilege Escalation

/ Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char code=0x68,0x00,0x02,0x00,0x00, //push 0x200...

Kaspersky AntiVirus - klif.sys Local Privilege Escalation

Kaspersky AntiVirus - klif.sys Local Privilege Escalation / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet;...

Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability

Exploit for unknown platform in category local exploits ================================================================= Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability ================================================================= / Added NOSTRICT to 1 on line 2 /str0ke !...

Kaspersky AntiVirus ""klif.sys"" Privilege Escalation Vulnerability

No description provided by source. / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include windows.h undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char...