iDefense Security Advisory 11.12.07 - Local exploitation of an invalid array indexing vulnerability in the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The problem specifically exists within the bpf_filter_init function. In several places throughout this function, values supplied from a potential attacker are used as array indexes without proper bounds checking. By making IOCTL requests with specially chosen values, attackers are able to corrupt the stack, or pool memory, within the kernel. iDefense has confirmed the existence of this vulnerability in version 4.0.1 of WinPcap as included in Wireshark 0.99.6a. The version of NPF.SYS tested was 4.0.0.901. iDefense suspects older versions to also be vulnerable.
510bb102e1e8e6cfc87dc73494eafc248e9211b6b3fe266221765f537a2cf67c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed