[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ArcaVir 2009 < 9.4.320X.9 (ps_drv.sys) Local Privilege Escalation Exploit
# Published : 2009-05-26
# Author : NT Internals
# Previous Title : COWON America jetCast 2.0.4.1109 (.mp3) Local Overflow Exploit
# Next Title : Winamp 5.551 MAKI Parsing Integer Overflow Exploit
////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// | | //
// | ArcaBit Sp. z o.o. - http://www.arcabit.com/ | //
// | | //
// | Affected Software: | //
// | ArcaVir 2009 Antivirus Protection <= 9.4.3201.9 | //
// | ArcaVir 2009 Internet Security <= 9.4.3202.9 | //
// | ArcaVir 2009 System Protection <= 9.4.3203.9 | //
// | ArcaVir 2009 Home Protection <= 9.4.3204.9 | //
// | | //
// | Affected Driver: | //
// | ps_drv.sys | //
// | | //
// | Local Privilege Escalation Exploit | //
// | For Educational Purposes Only ! | //
// | | //
// +----------------------------------------------------------------------------+ //
// | | //
// | NT Internals - http://www.ntinternals.org/ | //
// | alex ntinternals org | //
// | 23 May 2009 | //
// | | //
// | References: | //
// | ArcaVir (ps_drv.sys) Multiple Privilege Escalation Vulnerabilities | //
// | NTIADV0814 - http://www.ntinternals.org/ntiadv0814/ntiadv0814.html | //
// | | //
// | Exploiting Common Flaws in Drivers | //
// | Ruben Santamarta - http://www.reversemode.com/ | //
// | | //
// +----------------------------------------------------------------------------+ //
////////////////////////////////////////////////////////////////////////////////////
Exploit:
http://ntinternals.org/ntiadv0814/PsDrv_Exp.zip
Mirror:
http://exploit-db.com/sploits/2009-PsDrv_Exp.zip
Advisory:
http://ntinternals.org/ntiadv0814/ntiadv0814.html
# www.Syue.com [2009-05-26]