Buffer overflow : avast! 'aswRdr.sys' Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900985

Categoría: Buffer overflow

Título: avast! 'aswRdr.sys' Buffer Overflow Vulnerability

Resumen: avast! AntiVirus is prone to a buffer overflow vulnerability.

Descripción: Summary:
avast! AntiVirus is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The vulnerability is due to an error in 'aswRdr.sys' when processing
IOCTLs. This can be exploited to corrupt kernel memory via a specially crafted 0x80002024 IOCTL.

Vulnerability Impact:
Successful exploitation could allow remote attackers to cause a Denial of
Service or potentially gain escalated privileges.

Affected Software/OS:
avast! Home and Professional version 4.8.1356 and prior on Windows.

Solution:
Upgrade to avast! Home and Professional version 4.8.1367 or later.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-4049
BugTraq ID: 37031
http://www.securityfocus.com/bid/37031
Bugtraq: 20091114 Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation (Google Search)
http://www.securityfocus.com/archive/1/507891/100/0/threaded
http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html
https://www.evilfingers.com/advisory/Advisory/Avast_aswRdr_sys_Kernel_Pool_Corruption_and_Local_Privilege_Escalation.php
http://secunia.com/advisories/37368
http://www.vupen.com/english/advisories/2009/3266

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900985
Categoría:	Buffer overflow
Título:	avast! 'aswRdr.sys' Buffer Overflow Vulnerability
Resumen:	avast! AntiVirus is prone to a buffer overflow vulnerability.
Descripción:	Summary: avast! AntiVirus is prone to a buffer overflow vulnerability. Vulnerability Insight: The vulnerability is due to an error in 'aswRdr.sys' when processing IOCTLs. This can be exploited to corrupt kernel memory via a specially crafted 0x80002024 IOCTL. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a Denial of Service or potentially gain escalated privileges. Affected Software/OS: avast! Home and Professional version 4.8.1356 and prior on Windows. Solution: Upgrade to avast! Home and Professional version 4.8.1367 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4049 BugTraq ID: 37031 http://www.securityfocus.com/bid/37031 Bugtraq: 20091114 Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation (Google Search) http://www.securityfocus.com/archive/1/507891/100/0/threaded http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html https://www.evilfingers.com/advisory/Advisory/Avast_aswRdr_sys_Kernel_Pool_Corruption_and_Local_Privilege_Escalation.php http://secunia.com/advisories/37368 http://www.vupen.com/english/advisories/2009/3266
Copyright	Copyright (C) 2009 Greenbone AG