Bug: MS11-077 .fon Kernel-Mode Buffer Overrun PoC ( Ascii Version )

MS11-077 .fon Kernel-Mode Buffer Overrun PoC

Published: 2011.10.23
Credit: Byoungyoung Lee
Risk: High
CWE: CWE-119
CVE: CVE-2011-2003
Local: No
Remote: Yes

CVSS Base Score: 9.3/10
Impact Subscore: 10/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

# Exploit Title: MS11-077 .fon buffer overrun kernel-mode drivers exploit
# Google Dork: [if relevant] (we will automatically add these to the GHDB)
# Date: 10/12/2011
# Author: Byoungyoung Lee, http://www.cc.gatech.edu/~blee303/
# Software Link:
# Version: Windows 7 32bit, fully patched until Sep. 2011
# Tested on: Windows 7 32bit
# CVE : CVE-2011-2003

Exploit is downloadable from:

http://www.exploit-db.com/sploits/my.fon.tar.gz

http://exploitshop.wordpress.com/2011/10/12/ms11-077-vulnerabilities-in-windows-kernel-mode-drivers-could-allow-remote-code-execution-2567053/

Byoungyoung

References:

http://technet.microsoft.com/en-us/security/bulletin/MS11-077
http://www.securitytracker.com/id?1026165
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:13103

Copyright 2014, cxsecurity.com