|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
s.leberre
sysdream.com
Date: Mon Aug 24 2009 - 07:09:01 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
//----- Advisory
Program : avast! 4.8.1335 Professional
Homepage : http://www.avast.com
Discovery : 2009/07/29
Author Contacted : 2009/07/31
Found by : Heurs
This Advisory : Heurs
Contact : heursghostsinthstack.org, s.leberresysdream.com
//----- Application description
Avast! antivirus software represents complete virus protection,
offering full desktop security including a resident shield.
This antivirus is certified by both ICSA Labs and West Coast
Labs Checkmark.
//----- Description of vulnerability
The File System Filter driver is prone to a local kernel buffer overflow.
This vulnerability allows an intruder to gain SYSTEM privileges on a Windows
system from a limited user account.
//----- Proof Of Concept
http://www.sysdream.com/LocalEscalation_Avast.rar
//----- Credits
http://www.sysdream.com
http://ghostsinthestack.org
s.leberre at sysdream dot com
heurs at ghostsinthestack dot org
//----- Greetings
Virtualabs
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]