ArcaVir 2009 < 9.4.320X.9 (ps_drv.sys) Local Privilege Escalation Exploit

2009.06.01
Credit: NT Internals
Risk: High
Local: Yes
Remote: No
CWE: CWE-20


CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

//////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | ArcaBit Sp. z o.o. - http://www.arcabit.com/ | // // | | // // | Affected Software: | // // | ArcaVir 2009 Antivirus Protection <= 9.4.3201.9 | // // | ArcaVir 2009 Internet Security <= 9.4.3202.9 | // // | ArcaVir 2009 System Protection <= 9.4.3203.9 | // // | ArcaVir 2009 Home Protection <= 9.4.3204.9 | // // | | // // | Affected Driver: | // // | ps_drv.sys | // // | | // // | Local Privilege Escalation Exploit | // // | For Educational Purposes Only ! | // // | | // // +----------------------------------------------------------------------------+ // // | | // // | NT Internals - http://www.ntinternals.org/ | // // | alex ntinternals org | // // | 23 May 2009 | // // | | // // | References: | // // | ArcaVir (ps_drv.sys) Multiple Privilege Escalation Vulnerabilities | // // | NTIADV0814 - http://www.ntinternals.org/ntiadv0814/ntiadv0814.html | // // | | // // | Exploiting Common Flaws in Drivers | // // | Ruben Santamarta - http://www.reversemode.com/ | // // | | // // +----------------------------------------------------------------------------+ // //////////////////////////////////////////////////////////////////////////////////// Exploit: http://ntinternals.org/ntiadv0814/PsDrv_Exp.zip Mirror: Advisory: http://ntinternals.org/ntiadv0814/ntiadv0814.html

References:

http://ntinternals.org/ntiadv0814/PsDrv_Exp.zip
http://ntinternals.org/ntiadv0814/ntiadv0814.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top