EUVD-2007-3665

Malware in sbrugna...

CVE-2007-5756

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

Code injection

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

CVE-2007-5756

CVE-2007-5756 : A local privilege-escalation flaw in WinPcap’s NPF.SYS driver (bpf_filter_init) arises from multiple array-indexing errors when handling IOCTLs, allowing crafted IOCTL requests to gain kernel-mode privileges. Affected: WinPcap up to version 4.0.1 (and variants used by Wireshark). ...

CVE-2007-5756

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

iDefense Security Advisory 11.12.07: WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability

iDefense Security Advisory 11.12.07 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 12, 2007 I. BACKGROUND WinPcap is a software package that facilitates real-time link-level network access for Windows-based operating systems. A wide range of open-source projects, including Wireshark,...

WinPcap NPF.SYS bpf_filter_init函数本地权限提升漏洞

BUGTRAQ ID: 26409 CVECAN ID: CVE-2007-5756 WinPcap是WIN32平台上的网络分析和捕获数据包的链接库。 WinPcap的NPF.SYS设备驱动中的bpffilterinit函数存在无效的数组索引漏洞，这个函数的几处调用未经正确的边界检查便将用户所提供的输入值用作了数组索引。如果用特定的值执行了IOCTL请求，攻击者就可以破坏内核中的栈或池内存，导致执行任意指令。 通常在管理员使用WinPcap相关应用程序时会加载设备驱动，加载后正常用户都可以访问，使用这个驱动的程序退出后也不会卸载这个驱动，因此在手动卸载之前仍可利用。 WinPcap...

WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Local Privilege Escalation

WinPcap, a packet capture and filtering engine, is installed on the remote Windows host. The version of WinPcap on the remote host enables a local user to execute arbitrary code in kernel context because it fails to validate array indices passed to the 'bpffilterinit' function via specially craft...

Design/Logic Flaw

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

CVE-2007-3681

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

CVE-2007-3681

The CVE-2007-3681 issue affects WinPcap’s NPF.SYS kernel driver (before 4.0.1). The IOCTL 9031 handler BIOCGSTATS allows local users to overwrite memory via malformed Irp parameters, enabling arbitrary code execution in kernel context. Impact is local privilege escalation. Remediation is to upgra...

CVE-2007-3681

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

WinPcap NPF.SYS驱动BIOCGSTATS参数本地权限提升漏洞

BUGTRAQ ID: 24829 WinPcap是WIN32平台上的网络分析和捕获数据包的链接库。 WinPcap的NPF.SYS驱动实现上存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 NPF.SYS驱动没有对传送给IOCTL 9031（BIOCGSTATS）的中断请求报文（IRP）参数执行充分的验证，如果向这个IOCTL发送了恶意参数，就可能导致覆盖任意内核内存。在默认安装中，只有在管理员使用了依赖于WinPcap的应用程序并初始化WinPcap时才会加载有漏洞的驱动。一旦加载，普通用户也可访问有漏洞的驱动，且在程序退出时也不会卸载驱动，除非手动卸载，否则攻击者仍可访问。...

WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit

No description provided by source. / WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap 4.0.1 ...

WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit

Exploit for unknown platform in category local exploits ================================================================= WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit ================================================================= / WinPcap NPF.SYS Privilege Elevation...

iDefense Security Advisory 07.09.07: WinPcap NPF.SYS Local Privilege Escalation Vulnerability

WinPcap NPF.SYS Local Privilege Escalation Vulnerability iDefense Security Advisory 07.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 09, 2007 I. BACKGROUND WinPcap is a software package that facilitates real-time link-level network access for Windows-based operating systems. It...

WinPcap 4.0 - NPF.SYS Local Privilege Escalation

WinPcap 4.0 - NPF.SYS Local Privilege Escalation / WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap...

WinPcap NPF.SYS Local Privilege Escalation

WinPcap, a packet capture and filtering engine, is installed on the remote Windows host. The version of WinPcap on the remote host enables a local user to execute arbitrary code in kernel context because it fails to sufficiently sanitize Interrupt Request Packet parameters before passing them to...

WinPcap 4.0 - 'NPF.SYS' Local Privilege Escalation

/ WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap 4.0.1 Note : There was an error in the previous...