|
//----- Advisory=0D
=0D
Program : avast! 4.8.1335 Professional=0D
Homepage : http://www.avast.com=0D
Discovery : 2009/07/29=0D
Author Contacted : 2009/07/31=0D
Found by : Heurs=0D
This Advisory : Heurs=0D
Contact : heurs@ghostsinthstack.org, s.leberre@sysdream.com=0D
=0D
=0D
//----- Application description=0D
=0D
Avast! antivirus software represents complete virus protection,=0D
offering full desktop security including a resident shield.=0D
This antivirus is certified by both ICSA Labs and West Coast=0D
Labs Checkmark.=0D
=0D
//----- Description of vulnerability=0D
=0D
The File System Filter driver is prone to a local kernel buffer overflow.=0D
This vulnerability allows an intruder to gain SYSTEM privileges on a Windows=0D
system from a limited user account.=0D
=0D
=0D
//----- Proof Of Concept=0D
=0D
http://www.sysdream.com/LocalEscalation_Avast.rar=0D
=0D
//----- Credits=0D
=0D
http://www.sysdream.com=0D
http://ghostsinthestack.org=0D
=0D
s.leberre at sysdream dot com=0D
=0D
heurs at ghostsinthestack dot org=0D
=0D
//----- Greetings=0D
=0D
Virtualabs