Windows NT Administrative Privilege Vulnerability

Vulnerability ID 1105417 Vulnerability type Unknown
Published 1999-02-18 Updated 2006-04-19
CVE ID CVE-1999-0376 CNNVD-ID CNNVD-199902-047
Affected platform Windows CVSS score 4.6
|Vulnerability source
https://www.exploit-db.com/exploits/19198
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199902-047
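|Vulnerability details
A vulnerability exists in Windows NT. A local user can exploit it to gain administrative privileges by making the KnownDLLs table reference a malicious program.
|Vulnerability EXP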
source: http://www.securityfocus.com/bid/234/info

The names and mappings of kernel objects in NT are cached in the "object namespace". In this area, DLL mappings are kept in a section called KnownDlls. By manipulating the namespace, it is possible to redirect calls to arbitrary DLLs.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/19198.zip
|References

Source: MS
Name: MS99-006
Link: http://www.microsoft.com/technet/security/bulletin/ms99-006.mspx