New User, Welcome!     Login

Local Privilege Escalation

Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation.

Source: https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php


-----------[Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation]--------->

Author: Giuseppe 'Evilcry' Bonfa'
E-Mail: evilcry {AT} GMAIL {DOT} COM<br>
Website: http://evilcry.netsons.org<br>
http://evilcodecave.blogspot.com<br>
http://evilcodecave.wordpress.com<br>

Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack

-----------------------

Derek Soeder has previously reported some legendary NT bugs, including multiple
vdm bugs that, while unrelated to this issue, make fascinating reading.

- http://seclists.org/fulldisclosure/2004/Oct/404, Windows VDM #UD LocalPrivilege Escalation
- http://seclists.org/fulldisclosure/2004/Apr/477, Windows VDM TIB Local Privilege Escalation
- http://seclists.org/fulldisclosure/2007/Apr/357, Zero Page Race Condition Privilege Escalation

-------------------
Appendix

{PRL} QuickHeal antivirus 2010 Local Privilege Escalation

#####################################################################################

Application:  QuickHeal antivirus 2010 Local Privilege Escalation
            
Platforms:    Windows Vista SP2

Exploitation: Local Privilege Escalation

Date:         2009-12-16

TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local

Original Advisory Link: https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php
 
++++++++++++++++++++++++++++++++++++++++++++++++++++
-----------[TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local
Privilege Escalation]--------->


Author: Giuseppe 'Evilcry' Bonfa'
E-Mail: evilcry {AT} GMAIL {DOT} COM
Website: http://evilcry.netsons.org

iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20

Vendor: Lenovo
Vendor URL: http://www.lenovo.com
Versions affected: 4.20 
Systems Affected: Windows XP, Windows Vista
Severity: Medium (Local Privilege Escalation)
Authors: Chris Clark <cclark[at]isecpartners[dot]com> 
         Rachel Engel <rachel[at]isecpartners[dot]com>

Vendor notified: Yes
Public release: 10/10/08

[security bulletin] HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01690019
Version: 1

HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-04-06
Last Updated: 2009-04-06

[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation

[ Wintercore Advisory ]

Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation


:: Non-Technical Description

Realtek HD Audio Codec Drivers are prone to a local privilege escalation 
due to insufficient validation of user-mode buffers. Successful

Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html

=============[Avast aswRdr.sys Kernel Pool Corruption and Local
Privilege Escalation]================

Author(s): Giuseppe 'Evilcry' Bonfa'
    AbdulAziz Hariri

E-Mail: evilcry {AT} GMAIL {DOT} COM
Website:   http://evilcry.netsons.org

Re: {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

PRL> Application:  Panda Global Protection 2010
PRL>           Panda Internet Security 2010                

PRL> Platforms:    Windows XP Professional SP & windows Vista SP1

PRL> Exploitation: Local Privilege Escalation

PRL> Date:         2009-10-27

PRL> Author:       Francis Provencher (Protek Research Lab's)

{PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

Application:  Panda Global Protection 2010
          Panda Internet Security 2010                

Platforms:    Windows XP Professional SP & windows Vista SP1

Exploitation: Local Privilege Escalation

Date:         2009-10-27

Author:       Francis Provencher (Protek Research Lab's)

VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

~     VMware Fusion      1.1 upgrade to version 1.1.1 (Build# 72241)

~     NOTE: This issue doesn't affect the latest versions of VMware
~           Workstation 6, VMware Player 2, and ACE 2 products.

~ h.  Local Privilege Escalation on Windows based platforms by
~     Hijacking VMware VMX configuration file

~     VMware uses a configuration file named "config.ini" which
~     is located in the application data directory of all users.
~     By manipulating this file, a user could gain elevated


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!