[Full-Disclosure] Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges

auto4751_at_hushmail.com
Date: 02/19/04

  • Next message: insecure: "Re: [Full-Disclosure] Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution" 
    To: full-disclosure@lists.netsys.com
Date: Wed, 18 Feb 2004 15:28:50 -0800

    is this really exciting, like cant u always get system if u have SeDebugPrivilege
    and then go system to kernel??? c00l to get around some kernel protection
    that wont let u load a driver though

    allways nice 2 see some real tech posts on the lists 4 once instead of
    all that usual 'hey other security d00d, my d*x bigger then urs' drivell

    -g33k_sp33k

    > Multiple WinXP kernel vulns can give user mode programs kernel
    > mode privileges
    >
    > Summary
    > =======
    >
    > There exist several vulnerabilities in one of Windows XP
    > kernel's native API functions which allow any user with the
    > SeDebugPrivilege privilege to execute arbitrary code in kernel
    > mode, and read from and write to any memory address, including
    > kernel memory.

    Concerned about your privacy? Follow this link to get
    FREE encrypted email: https://www.hushmail.com/?l=2

    Free, ultra-private instant messaging with Hush Messenger
    https://www.hushmail.com/services.php?subloc=messenger&l=434

    Promote security and make money with the Hushmail Affiliate Program:
    https://www.hushmail.com/about.php?subloc=affiliate&l=427

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: insecure: "Re: [Full-Disclosure] Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution"

    Relevant Pages
    • Quantcast