Full Disclosure mailing list archives
Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Thu, 19 Feb 2004 14:09:09 +0300
Dear first last, --Thursday, February 19, 2004, 1:15:20 AM, you wrote to full-disclosure () lists netsys com: fl> There exist several vulnerabilities in one of Windows XP kernel's native API fl> functions which allow any user with the SeDebugPrivilege privilege to fl> execute arbitrary code in kernel mode, and read from and write to any memory fl> address, including kernel memory. SeDebugPrivilege allows you to change execution flow for any process or kill any process (for example security subsystem or any RPC server). This privilege is enough to compromise system in thousand ways by design. By default only Administrators have this privilege. -- ~/ZARAZA Электрические шоки очень полезны для формирования характера. (Лем) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last (Feb 18)
- Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges 3APA3A (Feb 19)
- RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges Alun Jones (Feb 19)
- <Possible follow-ups>
- Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges auto4751 (Feb 18)
- RE: Re: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last (Feb 19)
- RE: Multiple WinXP kernel vulns can give user mode programs kernel mode privileges first last (Feb 19)