[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Local Kernel Buffer Overflow vulnerability in Avast!

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Local Kernel Buffer Overflow vulnerability in Avast!
From: s.leberre@xxxxxxxxxxxx
Date: 24 Aug 2009 12:09:01 -0000

//----- Advisory

Program          : avast! 4.8.1335 Professional
Homepage         : http://www.avast.com
Discovery        : 2009/07/29
Author Contacted : 2009/07/31
Found by         : Heurs
This Advisory    : Heurs
Contact          : heurs@xxxxxxxxxxxxxxxxxxx, s.leberre@xxxxxxxxxxxx


//----- Application description

Avast! antivirus software represents complete virus protection,
offering full desktop security including a resident shield.
This antivirus is certified by both ICSA Labs and West Coast
Labs Checkmark.

//----- Description of vulnerability

The File System Filter driver is prone to a local kernel buffer overflow.
This vulnerability allows an intruder to gain SYSTEM privileges on a Windows
system from a limited user account.


//----- Proof Of Concept

http://www.sysdream.com/LocalEscalation_Avast.rar

//----- Credits

http://www.sysdream.com
http://ghostsinthestack.org

s.leberre at sysdream dot com

heurs at ghostsinthestack dot org

//----- Greetings

Virtualabs

Prev by Date: FreeBSD <= 6.1 kqueue() NULL pointer dereference
Next by Date: [SECURITY] [DSA 1871-1] New wordpress packages fix several vulnerabilities
Previous by thread: FreeBSD <= 6.1 kqueue() NULL pointer dereference
Next by thread: [SECURITY] [DSA 1871-1] New wordpress packages fix several vulnerabilities
Index(es):
- Date
- Thread