Showing 1 - 3 of 3

Files from Jay Smith

Windows tcpip.sys Arbitrary Write Privilege Escalation: Posted Feb 5, 2015; Authored by Matt Bergin, Jay Smith | Site metasploit.com; A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys, can allow an attacker to inject controlled memory into an arbitrary location within the kernel.; tags | exploit, arbitrary, kernel, tcp, protocol; advisories | CVE-2014-4076; SHA-256 | a10f3a60dd5ca145c224a448fbe2a59eb98a01bc4f0e54ff4952738ca7c1e8d5; Download | Favorite | View

Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation: Posted Oct 15, 2014; Authored by Matt Bergin, Jay Smith | Site metasploit.com; A vulnerability within Microsoft Bluetooth Personal Area Networking module, BthPan.sys, can allow an attacker to inject memory controlled by the attacker into an arbitrary location. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile.; tags | exploit, arbitrary; advisories | CVE-2014-4971; SHA-256 | d94d249bed8485ab2ccc4e373683d6802502b4edd5262cd0b25082323dcef9a7; Download | Favorite | View

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation: Posted Aug 12, 2014; Authored by Matt Bergin, Jay Smith | Site metasploit.com; A vulnerability within the VBoxGuest driver allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile on Windows XP SP3 systems. This has been tested with VBoxGuest Additions up to 4.3.10r93012.; tags | exploit, arbitrary; systems | windows; advisories | CVE-2014-2477; SHA-256 | ed08fc54fb11f75fb8240f00e12ad3f0eb15c9ef81cff67a88e74e2b8793b557; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days