Lucene search
+L

58 matches found

Prion
Prion
added 2007/07/11 5:30 p.m.18 views

Design/Logic Flaw

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

6.6CVSS7.4AI score0.02377EPSS
Exploits1References12Affected Software1
canvas
canvas
added 2007/07/11 5:30 p.m.44 views

Immunity Canvas: WINPCAP

Name| winpcap ---|--- CVE| CVE-2007-3681 Exploit Pack| CANVAS Description| winpcap Notes| CVE Name: CVE-2007-3681 VENDOR: WinPcap.org URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550 Notes: This exploit will auto-target based on reading a kernel file on Windows 2000 o...

6.6CVSS0.1AI score0.02377EPSS
Exploits1
NVD
NVD
added 2007/07/11 5:30 p.m.31 views

CVE-2007-3681

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

6.6CVSS7.2AI score0.02377EPSS
Exploits1References12
CVE
CVE
added 2007/07/11 5:0 p.m.59 views

CVE-2007-3681

The CVE-2007-3681 issue affects WinPcap’s NPF.SYS kernel driver (before 4.0.1). The IOCTL 9031 handler BIOCGSTATS allows local users to overwrite memory via malformed Irp parameters, enabling arbitrary code execution in kernel context. Impact is local privilege escalation. Remediation is to upgra...

6.6CVSS7.2AI score0.02377EPSS
Exploits1References12Affected Software1
Cvelist
Cvelist
added 2007/07/11 5:0 p.m.31 views

CVE-2007-3681

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

7.2AI score0.02377EPSS
Exploits1References12
seebug.org
seebug.org
added 2007/07/11 12:0 a.m.18 views

WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit

No description provided by source. / WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap 4.0.1 ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/07/11 12:0 a.m.55 views

WinPcap NPF.SYS驱动BIOCGSTATS参数本地权限提升漏洞

BUGTRAQ ID: 24829 WinPcap是WIN32平台上的网络分析和捕获数据包的链接库。 WinPcap的NPF.SYS驱动实现上存在漏洞,本地攻击者可能利用此漏洞提升自己的权限。 NPF.SYS驱动没有对传送给IOCTL 9031(BIOCGSTATS)的中断请求报文(IRP)参数执行充分的验证,如果向这个IOCTL发送了恶意参数,就可能导致覆盖任意内核内存。在默认安装中,只有在管理员使用了依赖于WinPcap的应用程序并初始化WinPcap时才会加载有漏洞的驱动。一旦加载,普通用户也可访问有漏洞的驱动,且在程序退出时也不会卸载驱动,除非手动卸载,否则攻击者仍可访问。...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2007/07/10 12:0 a.m.37 views

WinPcap NPF.SYS Privilege Elevation Vulnerability

WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 3.1 - WinPcap 4.1 Operating systems affected Confirmed - Windows 2000 SP4 Both server and workstation -...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2007/07/10 12:0 a.m.53 views

iDefense Security Advisory 07.09.07: WinPcap NPF.SYS Local Privilege Escalation Vulnerability

WinPcap NPF.SYS Local Privilege Escalation Vulnerability iDefense Security Advisory 07.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 09, 2007 I. BACKGROUND WinPcap is a software package that facilitates real-time link-level network access for Windows-based operating systems. It...

0.4AI score
Exploits0
0day.today
0day.today
added 2007/07/10 12:0 a.m.31 views

WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit

Exploit for unknown platform in category local exploits ================================================================= WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit ================================================================= / WinPcap NPF.SYS Privilege Elevation...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/10 12:0 a.m.31 views

WinPcap 4.0 - 'NPF.SYS' Local Privilege Escalation

/ WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap 4.0.1 Note : There was an error in the previous...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/07/10 12:0 a.m.19 views

WinPcap 4.0 - NPF.SYS Local Privilege Escalation

WinPcap 4.0 - NPF.SYS Local Privilege Escalation / WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/07/10 12:0 a.m.34 views

WinPcap NPF.SYS Local Privilege Escalation

WinPcap, a packet capture and filtering engine, is installed on the remote Windows host. The version of WinPcap on the remote host enables a local user to execute arbitrary code in kernel context because it fails to sufficiently sanitize Interrupt Request Packet parameters before passing them to...

6.6CVSS5.9AI score0.02377EPSS
Exploits1References4
myhack58
myhack58
added 2006/04/09 12:0 a.m.95 views

Sniffit 0.3.7 FOR NT installation and examples-vulnerabilities-warning-the black bar safety net

Sniffit 0.3.7 launched the NT version, also support WINDOWS2000, I want to hurry to try, because I A friend wanted to install Netxray 3. 0 3 in WIN2K 2000BETA3 equipped not, is probably not supported by WIN2K. So see SNIFFIT NT version I this morning to pull it down. This sniffit need WinPcap...

7AI score
Exploits0
myhack58
myhack58
added 2005/12/03 12:0 a.m.53 views

ARPSniffer get the highest permissions-bug warning-the black bar safety net

Suppose you want to attack the host IP is:61.139.1.79 The same subnet the next, we have the right to limit the host IP is:61.139.1. 8 8 and 3 3 8 9 landing The first step: tracert 61.139.1.1 C:\WIN2000\system32tracert 61.139.1.1 Tracing route to HACK-4FJ7EARC 61.139.1.1 over a maximum of 3 0 hops...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2005/10/30 12:0 a.m.30 views

ethereal_slimp3_bof.py.txt

Ethereal SLIMP3 Remote Buffer Overflow PoC Bug Discoverd by Vendor?2005-10-19 Coded by Sowhat http://secway.org 2005-10-20 This PoC will crash the Ethereal Tested with Ethereal 0.10.12, WinPcap 3.1 beta4, WinXP SP2 For educational purpose only, Use at your own risk! Version 0.9.1 to 0.10.12...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/05/17 12:0 a.m.26 views

Microsoft Windows XP2003 - IPv6 Remote Denial of Service

Microsoft Windows XP2003 - IPv6 Remote Denial of Service // // Example usage: LandIpV6 \Device\NPFB1751317-BAA0-43BB-A69B-A0351960B28D //fe80::2a1:b0ff:fe08:8bcc 135 // // Written by: Konrad Malewski. // include include include include include include...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/05/17 12:0 a.m.31 views

Windows (XP, 2k3, Longhorn) is vulnerable to IpV6 Land attack.

Hi! The land attack described in - http://www.securityfocus.com/archive/1/392354 - is fixed for ipv4 by last security updates, but not for ipv6 protocol. As in IpV4 version of the attack, the build-in firewall has to be turned off to experience the result 1-5 seconds of DoS condition. Tools used:...

Exploits0
Rows per page
Query Builder