Dailydave mailing list archives
Re: ID, Apples
From: "Matt Conover" <mconover () gmail com>
Date: Thu, 25 May 2006 16:53:59 -0700
Also kernel-mode heap exploits were demonstrated at Xcon 2005 and SyScan 2005 by SoBeIt.

http://xcon.xfocus.org/xcon2005/archives/2005/Xcon2005_SoBeIt.pdf

On 5/24/06, Marc Maiffret <mmaiffret () eeye com> wrote:

Remote Windows kernel exploits were demonstrated in 2004 by Barnaby Jack and within the same year by Flashsky. They both did extensive presentations also in 2005 showing specifically how to exploit remote kernel vulnerabilities.

Symantec Multiple Firewall Remote DNS KERNEL Overflow (April 19, 2004)
http://www.eeye.com/html/research/advisories/AD20040512D.html

Conference: Remote Windows Kernel Exploitation - Step In To the Ring 0 (2005)
http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html

Paper: Remote Windows Kernel Exploitation - Step into the Ring 0 (2005)
http://www.eeye.com/~data/publish/whitepapers/research/OT20050205.FILE.pdf

-Marc

> -----Original Message-----
> From: Dave Aitel [mailto:dave () immunityinc com]
> Sent: Sunday, May 21, 2006 5:08 PM
> To: dailydave
> Subject: [Dailydave] ID, Apples

<snip>

> Sinan Eren wrote a working version of GREENAPPLE, a remote
> kernel overflow in SMB for Windows 2000. It's available now
> to Immunity Partners, but it will be in the June Immunity
> CANVAS release, which will be interesting. Essentially it's
> the first remote kernel overflow I've ever seen - maybe
> someone knows of one I don't?
>
> -dave