← Volver a CVEs

CVE-2003-1233

CRITICAL

9.8

Descripcion

Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.

Detalles CVE

Puntuacion CVSS v3.19.8

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado12/31/2003

Ultima modificacion4/3/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

pedestalsoftware:integrity_protection_driver

Debilidades (CWE)

CWE-59

Referencias

http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html(cve@mitre.org)

http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html(cve@mitre.org)

http://secunia.com/advisories/7816(cve@mitre.org)

http://www.phrack.org/show.php?p=59&a=16(cve@mitre.org)

http://www.securityfocus.com/bid/6511(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/10979(cve@mitre.org)

http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html(af854a3a-2127-422b-91ae-364da2661108)

http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/7816(af854a3a-2127-422b-91ae-364da2661108)

http://www.phrack.org/show.php?p=59&a=16(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/6511(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/10979(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.