Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsMapsAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » WinXP SP2: i2omgmt.sys Privilege Escalation Vulnerability
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
ZAP + avast or ZASS? »
« Authentication  
AuthorAll Replies

SUMware
Premium
join:2002-05-21

edit:
May 13th, @12:26PM
reply to jdong
Re: WinXP SP2: i2omgmt.sys Privilege Escalation Vulnerability

Looks like MS has provided an incentive to install SP3 (pretty please, or we'll leave your machine vulnerable).

Also from original link:
quote:
III. ANALYSIS
Exploitation allows an attacker to elevate privileges by overwriting arbitrary system memory or executing code within kernel context. An attacker needs to log-in to the target machine to exploit this vulnerability.

This driver is related to I2O protocol and RAID devices. It is not present by default on every Windows installation. However, iDefense found this driver loaded on several systems we tested.

IV. DETECTION
iDefense has confirmed the existence of this vulnerability in i2omgmt.sys version 5.1.2600.2180 as installed on some Windows XP SP2 systems. All other Windows releases with this driver, including previous versions, are suspected to be vulnerable.

V. WORKAROUND
Removing write permissions for "Everyone" appears to prevent access to the vulnerable code. Although no side effects were witnessed in lab tests, normal functionality may be hindered.
to forum · permalink · · 2008-05-13 12:13:19 · Reply to this
-
Forums » Up and Running » Security » SecurityZAP + avast or ZASS? »
« Authentication  

Saturday, 30-Aug 00:04:46 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.
page compression OFF
Most commented news this week
· [329] Comcast 250GB Cap Goes Live October 1
· [222] FBI To Allow Warrantless Investigations
· [153] Industry Reacts To Comcast Cap Plans
· [130] AT&T Thanks Democrats For Telecom Immunity
· [123] Time Warner Cable Cripples TiVO, Gets FCC Fine
· [120] Why Run FTTH When You Can Pretend You Do?
· [67] Telus CAPS 'Unlimited' EVDO Data Plans
· [65] Game Publishers Follow The RIAA's Lead
· [60] Qwest Defends Not Running FTTH
· [60] Friday Open Thread
Most people now reading
· Steele vs Paypal - Hoax or Not - You Make the Call [Security]
· [iPhone] Did I Buy A Fake iPhone? [All things Macintosh]
· Comcast has new Acceptable Use Policy besides the 250GB cap [Comcast HSI]
· If anyone wants to see pictures [Home Repair & Improvement]
· How-to: make ActionTec MI424-WR a network bridge [Verizon Fiber Optics]
· Going to Wire My House for CAT5e [Home Repair & Improvement]
· EBox cable soon to be limited? [Canadian Broadband]