Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html | Broken Link Patch |
http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html | Broken Link Exploit Patch |
http://secunia.com/advisories/7816 | Broken Link Patch Vendor Advisory |
http://www.phrack.org/show.php?p=59&a=16 | Broken Link |
http://www.securityfocus.com/bid/6511 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 | Third Party Advisory VDB Entry |
http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html | Broken Link Patch |
http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html | Broken Link Exploit Patch |
http://secunia.com/advisories/7816 | Broken Link Patch Vendor Advisory |
http://www.phrack.org/show.php?p=59&a=16 | Broken Link |
http://www.securityfocus.com/bid/6511 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 | Third Party Advisory VDB Entry |
Configurations
History
20 Nov 2024, 23:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Broken Link, Patch | |
References | () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Broken Link, Exploit, Patch | |
References | () http://secunia.com/advisories/7816 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.phrack.org/show.php?p=59&a=16 - Broken Link | |
References | () http://www.securityfocus.com/bid/6511 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - Third Party Advisory, VDB Entry |
16 Feb 2024, 19:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-59 | |
First Time |
Pedestalsoftware
Pedestalsoftware integrity Protection Driver |
|
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 9.8 |
CPE | cpe:2.3:a:pedestal_software:integrity_protection_driver:1.3:*:*:*:*:*:*:* |
cpe:2.3:a:pedestalsoftware:integrity_protection_driver:*:*:*:*:*:*:*:* |
References | () http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html - Broken Link, Patch | |
References | () http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html - Broken Link, Exploit, Patch | |
References | () http://secunia.com/advisories/7816 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.phrack.org/show.php?p=59&a=16 - Broken Link | |
References | () http://www.securityfocus.com/bid/6511 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 - Third Party Advisory, VDB Entry |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:46
NVD link : CVE-2003-1233
Mitre link : CVE-2003-1233
CVE.ORG link : CVE-2003-1233
JSON object : View
Products Affected
pedestalsoftware
- integrity_protection_driver
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')