[Dailydave] ID, Apples
Marc Maiffret
mmaiffret at eeye.com
Wed May 24 23:41:24 EST 2006
Remote Windows kernel exploits were demonstrated in 2004 by Barnaby Jack
and within the same year by Flashsky. They both did extensive
presentations also in 2005 showing specifically how to exploit remote
kernel vulnerabilities.
Symantec Multiple Firewall Remote DNS KERNEL Overflow (April 19, 2004)
http://www.eeye.com/html/research/advisories/AD20040512D.html
Conference: Remote Windows Kernel Exploitation - Step In To the Ring 0 (2005)
http://www.blackhat.com/html/bh-usa-05/bh-usa-05-speakers.html
Paper: Remote Windows Kernel Exploitation - Step into the Ring 0 (2005)
http://www.eeye.com/~data/publish/whitepapers/research/OT20050205.FILE.pdf
-Marc
> -----Original Message-----
> From: Dave Aitel [mailto:dave at immunityinc.com]
> Sent: Sunday, May 21, 2006 5:08 PM
> To: dailydave
> Subject: [Dailydave] ID, Apples
<snip>
> Sinan Eren wrote a working version of GREENAPPLE, a remote
> kernel overflow in SMB for Windows 2000. It's available now
> to Immunity Partners, but it will be in the June Immunity
> CANVAS release, which will be interesting. Essentially it's
> the first remote kernel overflow I've ever seen - maybe
> someone knows of one I don't?
>
> -dave
>