Bugtraq: Re: Microsoft VISTA TCP/IP stack buffer overflow

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Microsoft VISTA TCP/IP stack buffer overflow

From: Edi Strosar <edi.strosar () gmail com>
Date: Tue, 25 Nov 2008 23:08:54 +0100

Administrator lives in Ring 3 while this crash happens in Ring 0.Nobody, not even Admin shouldn't be able to corrupt kernel space. It'snot a security issue per se - it's just a bug.



dale () wisefaq com wrote:

So, let me try and understand this.

According to what you have written, and the MSDN documentation on this CreateIpForwardEntry2 call, you need to be (at 
least) a member of the Administrators group.

So how is this "security vulnerability" any different to me creating a program, which will require the same 
Administrative rights, to say, wipe the boot configuration file?

By Date By Thread

Current thread:

Microsoft VISTA TCP/IP stack buffer overflow Thomas Unterleitner (Nov 19)
- <Possible follow-ups>
- Re: Microsoft VISTA TCP/IP stack buffer overflow dale (Nov 25)
  - Re: Microsoft VISTA TCP/IP stack buffer overflow Edi Strosar (Nov 25)