Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of

from [Michał Majchrowicz] Network Security [Permanent Link]
Subject: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability
Date: Sun, 25 Mar 2007 21:20:07 +0100 
It seems that Vista has some problems with ATI drivers.
It was already reported that file atikmdag.sys can cause BSoD after leaving
the game (http://leovilletownsquare.com/fusionbb/showtopic.php?tid/17600/).
Today user with nickname Olo contacted my and by making some tests we where
able to determine that there are more problems with this driver and Vista.
We where using this configuration:
http://sectroyer.110mb.com/vuln/hardware.jpg
Everytime you try to turn on the slideshow with a JPG file in the folder you
get BSoD (http://sectroyer.110mb.com/vuln/vista_bsod.jpg).
You can test it by turning on the slideshow in the following directory:
c:Windows\Web\Wallpaper\
Since this case cannot be connect with 2d-3d mode changes it seems that
there is some vulnerability directly in Windows Vista which cause this BSoD
in atikmdag.sys (ATI Kernel Driver). This vulnerability can be used as a DoS
but Code Execution haven't been confirmed or denied.
Regards Michael Majchrowicz.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability, iDefense Labs
Next by Date:  [VulnWatch] Libero.it (italian ISP) XSS vulnerability, Rosario Valotta
Previous by Thread:  [Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability, iDefense Labs
Next by Thread:  Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability, 3APA3A
Indexes:  [Date] [Thread] [Top] [All Lists]