|
/*
Program : Kaspersky Anti-Virus 2010 9.0.0.463
Homepage : http://www.kaspersky.com
Discovery : 2009/09/29
Author Contacted : 2009/10/01
Patch Updated : 2009/11/16
Found by : Heurs
This Advisory : Heurs
Contact : s.leberre@sysdream.com
//----- Application description
The most trusted virus and spyware protection - premium protection
against viruses, spyware, Trojans, worms, bots and more. Also includes
comprehensive phishing and identity theft defense and superfast performance.
//----- Description of vulnerability
kl1.sys driver don't check inputs address of an IOCTL. An exception can be
thrown if we modify one or two DWORDs.
With my test I can't do best exploitation than a BSOD.
//----- Credits
http://www.sysdream.com
http://ghostsinthestack.org
s.leberre at sysdream dot com
heurs at ghostsinthestack dot org
//----- Greetings
Trance
*/
#include