[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock.
From: Reversemode <advisories@xxxxxxxxxxxxxxx>
Date: Wed, 14 Jun 2006 00:11:20 +0200

Microsoft Kernel Object Manager is prone to a deadlock vulnerability
which could be exploitable, making unkillable any desired process
running on the affected machine.

+ Paper/Advisory -Reversing mrxsmb.sys, Chapter II "NtClose DeadLock" -
(pdf)
+ Exploit Code (c source code)

Both two can be downloaded at www.reversemode.com

This issue seems to be addressed in the recent bulletin MS06-030.

Rubén Santamarta,
www.reversemode.com

Prev by Date: Re: Simpnews <= All version - Remote File Include Vulnerabilities
Next by Date: TikiWiki Sql injection & XSS Vulnerabilities
Previous by thread: Web-CMS <<--1.0 "print.php" SQL injection
Next by thread: TikiWiki Sql injection & XSS Vulnerabilities
Index(es):
- Date
- Thread