Full Disclosure mailing list archives
Re: Local persistent DoS in Windows XP SP2 Taskmanager
From: reepex <reepex () gmail com>
Date: Fri, 14 Mar 2008 15:01:07 -0500
While I am sure MS is now trembling at the disclosure of such a high impact bug, I am wondering why you chose core-security.net as your domain when core security (.com) is already known as a leading security company with a good name? On Fri, Mar 14, 2008 at 2:49 PM, SkyOut <skyout () gmx net> wrote:
Dear list, after weeks of total ignorance by Microsoft I decided to finally release all information related to a bug, that has to do with the Windows XP SP2 Taskmanager. Manipulating a Registry key makes it possible to disable the Taskmgr. On the next startup it will crash with an error message. It is possible to backup the key and repair the Registry doing so, but the attack scenario is clear: A virus uses this code, the user can't open the Taskmgr anymore and your process is somehow "hidden". The full information about this bug, can be found here: http://core-security.net/archive/2008/march/index.php#14032008 And the exploit is available here: http://core-security.net/releases/exploits/taskmgr_dos.c.txt Greets, SkyOut --- core-security.net --- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Local persistent DoS in Windows XP SP2 Taskmanager SkyOut (Mar 14)
- Re: Local persistent DoS in Windows XP SP2 Taskmanager reepex (Mar 14)
- Re: Local persistent DoS in Windows XP SP2 Taskmanager 3APA3A (Mar 15)