Full Disclosure mailing list archives
Multiple Buffer Overflows in Diagnostic Troubleshooting Wizard - msdt.exe - Win 8.0 Pro - x64
From: Nick Prowse <nick_prowse34 () yahoo co uk>
Date: Sun, 15 Mar 2015 14:40:59 +0000 (UTC)
Multiple Buffer Overflows in Diagnostic Troubleshooting Wizard Researcher: Nicholas Prowse Filename: msdt.exe MD5: (coming soon) File size: 1024000 bytes Operating System: Windows 8.0 OS Version: Pro Architecture: x64 Description field in Procmon: Buffer Overflow Operations (FileSystem Activity): - QuerySecurityFile - QueryAllInformationFile Paths: - C:\Windows\System32\msdt.exe - C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-net~(..longstring..)~amd64~~6.2.9200.16384.cat - C:\Users\(username)\AppData\Local\Diagnostics\460911090 Proof-of-concept or exploit code: None availableImpact: Not yet known Steps to reproduce:Install Windows 8.0 x64 from disk. Once installed started capture with Procmon v3.1. Started Diagnostic Troubleshooting Wizard. Mulitple entries with "Buffer overflow" visible in Process Monitor capture. Further info:Pml file of capture is available for further investigation including possible Stack Trace. Timeline: The issue has been made publicly available on 11/03/2015 on www.nicholasprowse.co.uk/vulnerability-research.htmlEmailed MS on 12/03/2015.Received email from MSRC on 12/03/2015 opening case. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Multiple Buffer Overflows in Diagnostic Troubleshooting Wizard - msdt.exe - Win 8.0 Pro - x64 Nick Prowse (Mar 16)
- <Possible follow-ups>
- Re: Multiple Buffer Overflows in Diagnostic Troubleshooting Wizard - msdt.exe - Win 8.0 Pro - x64 jericho (Mar 18)