Back to search
CVE-2003-1233
Published: Oct 28, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20030103 Pedestal Software Security Notice
mailing-list
x_refsource_BUGTRAQ
20030103 Another way to bypass Integrity Protection Driver ('subst' vuln)
mailing-list
x_refsource_BUGTRAQ
6511
vdb-entry
x_refsource_BID
http://www.phrack.org/show.php?p=59&a=16
x_refsource_MISC
ipd-ntcreatesymboliclinkobject-subs-symlink(10979)
vdb-entry
x_refsource_XF
7816
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now