|
Feeds -
Exploits
|
|
Written by Alex of NT Internals
|
|
Wednesday, 11 March 2009 22:00 |
mks_vir 'mksmonen.sys' IOCTL Request Local Privilege Escalation Vulnerability
-\\Bugtraq ID:
34039
-\\Class:
Boundary Condition Error
-\\CVE:
-\\Remote:
No
-\\Local:
Yes
-\\Published:
Mar 09 2009 12:00AM
-\\Updated:
Mar 11 2009 07:36PM
-\\Credit:
Alex of NT Internals
-\\Vulnerable:
MKS Sp. z o.o. mks_vir 0
-\\Not Vulnerable:
MKS Sp. z o.o. mks_vir 9 Beta 1.2.0.0 Build
-\\Discussion
The 'mks_vir' program is prone a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges; this may aid in further attacks.
Versions prior to mks_vir 9 Beta 1.2.0.0 build 297 are vulnerable.
-\\Exploit(s)/PoC(s):
The following exploit code is available:
============================
http://www.securityfocus.com/data/vulnerabilities/exploits/mksmonen_exp.zip
-\\Solution
Reports indicate that this issue has been fixed. Please see the references for more information.
-\\References(s)
--mks_vir (mksmonen.sys) Privilege Escalation Vulnerability
http://ntinternals.org/ntiadv0809/ntiadv0809.htm (NT Internals)
--Vendor Homepage
http://www.mks.com.pl (MKS Sp. z o.o)
|
