Win32 'Shatter' attacks
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Win32 'Shatter' attacks
updated since 22.08.2002
Published:
24.10.2003
Source:
BUGTRAQ
SecurityVulns ID:
2241
Type:
local
Level:
7
/10
Description:
Is priveleged application doesn't check system messages data it may be possible to execute code in application context by setting callback functions or excluding limits causing buffer overflws.
Affected:
MICROSOFT
:
Windows NT 4.0 Workstation
MICROSOFT
:
Windows NT 4.0 Server
MICROSOFT
:
Windows 2000 Server
MICROSOFT
:
Windows 2000 Advanced Server
MICROSOFT
:
Windows 2000 Professional
VNC
:
VNC 3.3
MICROSOFT
:
Windows XP
TIGHTVNC
:
tightvnc 1.2
NAI
:
VirusScan 4.5
TRIDIAVNC
:
TridiaVNC 1.5
DAMEWARE
:
DameWare Mini Remote Control Server 3.70
Original document
xenophi1e
,
Shatter XP
(
24.10.2003
)
ash_(at)_felinemenace.org
,
DameWare Mini-RC Shatter
(
14.08.2003
)
Brett Moore
,
Shattering SEH II
(
30.07.2003
)
MICROSOFT
,
Microsoft Security Bulletin MS02-071:Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)
(
14.12.2002
)
MICROSOFT
,
Microsoft Security Bulletin MS02-071
(
12.12.2002
)
EXT-Bellers, Chris
,
Win32 API 'shatter' vulnerability found in VNC-based products
(
22.08.2002
)
Files:
Exploiting design flaws in the Win32 API for privilege escalation.
Winlogon NetDDE Agent window WM_TIMER exploit
Tab Control Shatter Attack Exploit
Win32 'shatter' exploit
Demonstrates the use of listview messages to inject shellcode to known location; overwrite 4 bytes of a critical memory address
Microsoft Utility Manager Local Privilege Escalation
Win32 Message Vulnerabilities Redux
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
