Computer Security

Forum
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Win32 'Shatter' attacks
updated since 22.08.2002
Published:24.10.2003
Source:BUGTRAQ
SecurityVulns ID:2241
Type:local
Level:7/10
Description:Is priveleged application doesn't check system messages data it may be possible to execute code in application context by setting callback functions or excluding limits causing buffer overflws.
Affected:MICROSOFT : Windows NT 4.0 Workstation
 MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Advanced Server
 MICROSOFT : Windows 2000 Professional
 VNC : VNC 3.3
 MICROSOFT : Windows XP
 TIGHTVNC : tightvnc 1.2
 NAI : VirusScan 4.5
 TRIDIAVNC : TridiaVNC 1.5
 DAMEWARE : DameWare Mini Remote Control Server 3.70
Original documentdocumentxenophi1e, Shatter XP (24.10.2003)
 documentash_(at)_felinemenace.org, DameWare Mini-RC Shatter (14.08.2003)
 documentBrett Moore, Shattering SEH II (30.07.2003)
 documentMICROSOFT, Microsoft Security Bulletin MS02-071:Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310) (14.12.2002)
 documentMICROSOFT, Microsoft Security Bulletin MS02-071 (12.12.2002)
 documentEXT-Bellers, Chris, Win32 API 'shatter' vulnerability found in VNC-based products (22.08.2002)
Files:Exploiting design flaws in the Win32 API for privilege escalation.
 Winlogon NetDDE Agent window WM_TIMER exploit
 Tab Control Shatter Attack Exploit
 Win32 'shatter' exploit
 Demonstrates the use of listview messages to inject shellcode to known location; overwrite 4 bytes of a critical memory address
 Microsoft Utility Manager Local Privilege Escalation
 Win32 Message Vulnerabilities Redux
Discuss:Read or add your comments to this news (0 comments)

Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums. 		3proxy Forum (Eng)

All 3proxy question must be posted to this forum. 		Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation. 		Windows programming and administration (Eng)

Administering Windows and application development. 		Unix programming and administation (Eng)

Administering Unix and application development. 		Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
 3proxy Forum (Rus)
 Bugs, Vulnerabilities, PoCs and Exploits (Rus)
 Windows programming and administration (Rus)
 Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru