exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Zohiartze Herce

07122007-symTDI_advisory.rar

Posted Jul 13, 2007

Authored by Zohiartze Herce | Site 48bits.com

Symantec Norton Security suffers from a local privilege escalation vulnerability in symTDI.sys. Exploit included.

tags | exploit, local

SHA-256 | 346b36e57180712961f94ec561d4f025aa38510cab65289c24d7891db2570bf7

Download | Favorite | View

iDEFENSE Security Advisory 2007-07-11.2

Posted Jul 12, 2007

Authored by iDefense Labs, Zohiartze Herce | Site idefense.com

iDefense Security Advisory 07.11.07 - Local exploitation of an input validation vulnerability in version 5.5.1.6 of symtdi.sys allows attackers to elevate privileges to SYSTEM. The vulnerability specifically exists due to improper address space validation when the \\symTDI\ device driver processes IOCTL 0x83022323. An attacker can overwrite an arbitrary address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense confirmed this vulnerability in version 5.5.1.6 of Symantec's symtdi.sys device driver as included with version 10 of Symantec AntiVirus Corporate Edition. Previous versions and related products that contain the affected driver are suspected vulnerable.

tags | advisory, arbitrary, local

advisories | CVE-2007-3673

SHA-256 | 89b8df0a698bad87591ee7bc3ce90d08d805621a82a1469e365acd5f4ab9e8bb

Download | Favorite | View