OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Full-disclosure] msgina.dll BSOD

From: 3APA3A (3APA3ASECURITY.NNOV.RU)
Date: Fri Dec 29 2006 - 04:22:59 CST


Dear /dev/null,

To manipulate GINA you need administrative privileges.

--Friday, December 29, 2006, 3:34:51 AM, you wrote to full-disclosurelists.grok.org.uk:

dn> Hi,

dn> This if from MS forums:
dn> http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1043407&SiteID=1

dn> Tested on Windows XP SP2 (EN) fully patched.

dn> Here's the instant PoC:
dn> http://users.volja.net/database/MSGINA.zip

dn> Cheers,
dn> /ex.

dn> ____________________
dn> http://www.email.si/

dn> _______________________________________________
dn> Full-Disclosure - We believe in it.
dn> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
dn> Hosted and sponsored by Secunia - http://secunia.com/

--
~/ZARAZA
Стреляя во второй раз, он искалечил постороннего. Посторонним был я. (Твен)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/