CVE-2003-1233

Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pedestalsoftware:integrity_protection_driver:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:46

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Broken Link, Patch () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Broken Link, Patch
References () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Broken Link, Exploit, Patch () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Broken Link, Exploit, Patch
References () http://secunia.com/advisories/7816 - Broken Link, Patch, Vendor Advisory () http://secunia.com/advisories/7816 - Broken Link, Patch, Vendor Advisory
References () http://www.phrack.org/show.php?p=59&a=16 - Broken Link () http://www.phrack.org/show.php?p=59&a=16 - Broken Link
References () http://www.securityfocus.com/bid/6511 - Broken Link, Patch, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/6511 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - Third Party Advisory, VDB Entry

16 Feb 2024, 19:01

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-59
First Time Pedestalsoftware
Pedestalsoftware integrity Protection Driver
CVSS v2 : 2.1
v3 : unknown
v2 : 2.1
v3 : 9.8
CPE cpe:2.3:a:pedestal_software:integrity_protection_driver:1.2:*:*:*:*:*:*:*
cpe:2.3:a:pedestal_software:integrity_protection_driver:1.3:*:*:*:*:*:*:*
cpe:2.3:a:pedestalsoftware:integrity_protection_driver:*:*:*:*:*:*:*:*
References () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Patch () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Broken Link, Patch
References () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Exploit, Patch () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Broken Link, Exploit, Patch
References () http://secunia.com/advisories/7816 - Patch, Vendor Advisory () http://secunia.com/advisories/7816 - Broken Link, Patch, Vendor Advisory
References () http://www.phrack.org/show.php?p=59&a=16 - () http://www.phrack.org/show.php?p=59&a=16 - Broken Link
References () http://www.securityfocus.com/bid/6511 - Patch () http://www.securityfocus.com/bid/6511 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - Third Party Advisory, VDB Entry

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:46


NVD link : CVE-2003-1233

Mitre link : CVE-2003-1233

CVE.ORG link : CVE-2003-1233


JSON object : View

Products Affected

pedestalsoftware

  • integrity_protection_driver
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')