Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: [Reversemode Paper] Exploiting WDM Audio Drivers

[Reversemode Paper] Exploiting WDM Audio Drivers

From: Reversemode <advisories_at_reversemode.com>
Date: Mon, 07 Jan 2008 16:30:26 +0100

Hi,

For those researchers who are interested in the driver security and also
for driver writers, the paper "Exploiting WDM Audio Drivers" has been
released.

This paper explains an attack vector inherent to certain WDM audio
drivers running on Windows Vista, XP, 2000 and 2003. Successful
exploitation could lead to local escalation of privileges.

The paper also covers the interesting case of es1371mp.sys, a vulnerable
WDM driver that can be automatically installed through Windows Update,
on systems with Ensoniq PCI 1371 based SoundCards (Certain VMware
products emulate a soundcard of this type).

It can be downloaded at :
(v 1.01)
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=54

Additionally, an exploit(es1371mp.sys)/Vuln-finder K-plugin for
Kartoffel is available at :
http://kartoffel.reversemode.com/downloads.php

Regards,
-Ruben 

---
www.reversemode.com
Received on Jan 07 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]