AOH :: HP Unsorted L :: BT-21542.HTM

Local Kernel Buffer Overflow vulnerability in Avast!



Local Kernel Buffer Overflow vulnerability in Avast!
Local Kernel Buffer Overflow vulnerability in Avast!



//----- Advisory=0D
=0D
Program          : avast! 4.8.1335 Professional=0D
Homepage : http://www.avast.com=0D 
Discovery        : 2009/07/29=0D
Author Contacted : 2009/07/31=0D
Found by         : Heurs=0D
This Advisory    : Heurs=0D
Contact : heurs@ghostsinthstack.org, s.leberre@sysdream.com=0D 
=0D
=0D
//----- Application description=0D
=0D
Avast! antivirus software represents complete virus protection,=0D
offering full desktop security including a resident shield.=0D
This antivirus is certified by both ICSA Labs and West Coast=0D
Labs Checkmark.=0D
=0D
//----- Description of vulnerability=0D
=0D
The File System Filter driver is prone to a local kernel buffer overflow.=0D
This vulnerability allows an intruder to gain SYSTEM privileges on a Windows=0D
system from a limited user account.=0D
=0D
=0D
//----- Proof Of Concept=0D
=0D
http://www.sysdream.com/LocalEscalation_Avast.rar=0D 
=0D
//----- Credits=0D
=0D
http://www.sysdream.com=0D 
http://ghostsinthestack.org=0D 
=0D
s.leberre at sysdream dot com=0D
=0D
heurs at ghostsinthestack dot org=0D
=0D
//----- Greetings=0D
=0D
Virtualabs

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.