Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges
From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 02/19/04
- Previous message: Zone Labs Product Security: "Zone Labs Security Advisory ZL04-08 - SMTP processing vulnerability"
- In reply to: first last: "Multiple WinXP kernel vulns can give user mode programs kernel mode privileges"
- Next in thread: Alun Jones: "RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 19 Feb 2004 14:09:09 +0300 To: "first last" <randnut@hotmail.com>
Dear first last,
--Thursday, February 19, 2004, 1:15:20 AM, you wrote to full-disclosure@lists.netsys.com:
fl> There exist several vulnerabilities in one of Windows XP kernel's native API
fl> functions which allow any user with the SeDebugPrivilege privilege to
fl> execute arbitrary code in kernel mode, and read from and write to any memory
fl> address, including kernel memory.
SeDebugPrivilege allows you to change execution flow for any process or
kill any process (for example security subsystem or any RPC server).
This privilege is enough to compromise system in thousand ways by
design. By default only Administrators have this privilege.
-- ~/ZARAZA Электрические шоки очень полезны для формирования характера. (Лем)
- Previous message: Zone Labs Product Security: "Zone Labs Security Advisory ZL04-08 - SMTP processing vulnerability"
- In reply to: first last: "Multiple WinXP kernel vulns can give user mode programs kernel mode privileges"
- Next in thread: Alun Jones: "RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
